








COMPUTER PHREAKING IT 


COPYRIGHT ©) 1986, JOHN J. WILLIAMS and FAMILY. ‘ABS@LUTELY ALL RIGHTS RESERVED 
By: John J. Williams, MSEE:--- CONSUMERTRONICS CO.,. P.O. Drawer 537, Alamogordo, NM 88310 


HOW COMPUTERS TALK TO EACH OTHER OVER PHONE LINES.! 


HOW COMPUTERS ARE HOOKED-UP TO PHONE LINES 












as oy shy Pak eapene’s Bee Sere St Disk 
drives MUST be r ly cleaned and lubricated, 
and repaired as led. Malfunctions can be devas- 
tat’ in lost programs, data, text and diskette: 
lost business, upset customers and down time; an 
very high repair costs ($100+/hrl). YOU can 

tain, troubleshoot, and repair drives without 

sive or delicate ent or software - 
often in a ~—> isi ~ it takes you to 
remove, »s r » receive, unpack, re- 
install re-contigune and retest drives ropaiced by 
others! And some drive shops set wrong drive o 
tions and-or offset tracks by two full tracks! 
you want the job done By ‘on time, and at mini- 
mal éxpense - DO IT YOURSELF! 100+ fully label- 
ed and figures of many STANDARD-BUS 
3. ", MICROFLOPPY drives 
(APPLE, CoM IBM-PC/ 
les, 4. 

than DSM IL. 


» AGES what mean). Chapter IV: DIAG- 

NOSTICS & TROUBLESHOOTING (how-to, st - 

step). Chapter Vz: MAINTENANCE. Chapter. Vi 

SP’ ADJUSTMENT. Chapter VI: R-W HEAD 

ALIGNMENT (includes and eccentricity). 

Chapter VIlls ELECTRONICS & REPAIRS aoe 
ter 


k correct power/; stem wir! 
BSCS, EANEGES Raphi i Soe fb 
r 
Compliance, Cone Assembly, Spindle Assembly, 
¥ Module Assembly, ic coer’ _— Motor, 
Door), Chapter DRIVE TEST STATION (profes- 
f sional ). Chapter XI: REPAIR SHOP 


TECHNIQUES. Chapt 
SOFTWARE CRITIQUE. 
> MODIFICATIONS. GLOSSARY. ONLY $22 


DISK DRIVE TUTORIAL I 


Detailed theory, practical facts and tips on floppy 
idrives, diskettes, FDCs, interfacing, formatting 
and disk-stored software. A must for the Student, 
Programmer and Computer Shopper (save $)1 Re- 
§ lates to drives of every make, and used in IBM-PC/ 
Compatibles, APPLE, TANDY, COMMODORE, 


( seit and vowed 
ti Vilzs RECOMMENDATIONS. 
ADDRESSES. GLOSSARY. ONLY $17 


STOCKPRO Il 


Effective, unique, unconventional methods to 
select common stocks! Dozens of applications re- 
pe ng Dh cars oral Be, O Il subse- 
quently increased in value by 31% » 211% averages 
per ol Use STOCKPRO II's shrewed statistical. 
and intuitive methods to profit in Bull and Bear 
markets. Completely described and illustrated. 
Includes Microsoft BASIC Program. 
Publication: ONLY $20, Plus 5.25" IBM- 
‘Compatible diskette with Program: ONLY $40 


| PC 
ULTIMATE LOGIC PROBE 


Logic probes are vital for the testing of digital, 
poets eerie ae Sage hag electronic circuits. 

mmerc: logic s sew beng ou on im- 
portant features. Fhe powerful UL ROBE, com- 
—— described and illustrated in ULTIMATE 
Boat PROBE has these powerful features: 

@ Measures the 7 of pulses up-to 4 MHz, 
for signals 2.4-30+ Volts. ph 2 ah aes se rate 
enabled/disabled. input’ Impedance at Te Mehne 
enable ut impedance of 1+ Mohm. 
LED and buzzer indicators. $e 

@ Detects short-circuit and open-circuit condi- 
tions - with or without circuit power. No cutting 

§. of traces or lead disconnects are required. 

‘ On-board clock facilitates self-testing and 
\ my continuity testing. Clock output is less than 
; ma. 

; * cee, of | 
h ed connector. Simply ere at probe you desire. 

: @ Operation from either an inte! or external 
; (avicoreniier-sotts om separate pastry) DC power 
» supply. Reverse-polarity protected. 

: the ULTIPROBE is ut the size of a slim- 
» pack of cigarettes. Includes schematics, board lay= 


¥ out and photos. 7 
SCOPE MODIFICATIONS 
designed to 


k Hobbyist oscilloscopes are purposely 
. limit features for manufacturers' pricing policies. 
. For under $100, you can convert a l-channel scope 

R to 2-, 4- or nel, to delayed Hat and-or to 

150% of rated frequency responsel TURN A $400 
PE ALYZER!_ ONLY $7 


ic probes using shar- 


Computer crime and abuses ("Phreaking") costs 
$ Billions annually, and is one of the most devasta- 


ting = yet most profitable and least risky - of all 
crimest COMPUTER PHREAKING Il describes in 
sizzling detail: 


e zens of computer crime methods. And 
dozens of actual cases - including the detailed 
case histories of several major groups! How 
Phreaks penetrate. 

@ Dozens of countermeasures, including pass- 
words and ciphers. State-of-the-art techniques to 
foil Phreaks. 

@ Definitions of 200-popular computer crime 
terms, including colorful ones such as: BODY 
SNATCHER, ASH, CRETIN 
DRAGON, GODFATHER, GRONK,, 


PHANTOM 
TROJAN HORSE, 
ens of computer crime security references. 

@ Why computer crimes are the least risky and 
most profitable crimes. 

e WI _How to gain entry into host systems - 
numerous tips! BBS advice. 

@ NEW! 20 methods to get and break passwords. 
Most common wor 
~~ @ NEW! EMI and audio eavesdropping method 
TEMPEST; Van Eck methods; Cross: Amplifiers. 

e ions on ular Phreak systems; wiretap- 
pings FBI quotes; Logic Bombs, Trojan Horses; how 

tee pick their targets; computer impact on 

society. 

COMPLETELY REWRITTENI 100%+ More 
Material. [oe Comprehensive, Illus- 


trated. ONLY 
ABSOLUTE COMPUTER SECURITY 


quired. 
NOT compromise any system using its techniques 
because of the almost infinite variations on how 
they can be applied. 

Included are INVULNERABLE BASIC —— al- 
gorithms (encryption and Ranga aoa BASIC pro- 
gram for computing, testing multikeys; cipher pro- 

ram ae techniques; how to use zaps to protect 

isk files from unauthorized access; clever conceal- 
ment techniques; secure ations procedures; re- 
view of security books - more! None of our ciphers 
are "public key," DES, or "One-Time Pad" methods 
(several keys are possible, no single key exceeds 
50 chars.). 

OUR CIPHERS CANNOT BE BROKEN BY ANY- 
ONE - NOT EVEN WITH A SUPERCOMPUTERI! 
WE WILL AWARD $1,000 rH CASH TO THE 
CONTESTANT IN OUR $1,000 CONTES 


YOUR CHALLENGE! 

Publications ONLY $15, Plus 5.25" IBM- 
PC/Compatible diskette with: 25,000¢ char. ASCII 
ciphertext and programs: ONLY $40 


CRYPTANALYSIS TECHNIQUES 


CRYPTANALYSIS is not only a fun, fascinating 

and challenging. science and. art, but an important 

skill In some professions. CRYPTANALYSIS TECH- 

— Rc and describes five complete BASIC 
lysis Pro 


mst 

e CRYPANLI: l-gram, Index of Coincidence 
(IC) and Measure of Roughness (MR) Analyses. Sal- 
ient features permit tot —— of every N char. 
set with an M Offset (where M<N) to verify suspect- 

key lengths - makes ‘analyzing polyalphabetic 
substitution ciphers a breeze! Shell-Sort of l-graths. 

@ CRYPANL2: 2-gram Analysis. 

@ CRYPANL3: ram Analysis. 

@ CRYPKAS: ISKI Analysis. Salient fea- 
tures include append any number of follow-on 
chars. to each n-gram Find to reveal larger n-grams; 
and the factoring of each Find displacement value 
into its primes to quickly reveal common primes, 
a: key lengths. Dptional Shell-Sort of n-gram 
n 


@ PRIMES: Generates up-to 1,000,000 primes 
for use here, with "public key Setert etc. 

Each i ae is completely described with sam- 
ple results and attack methods. A detailed, com- 
erste worked out example is given. Completely 
abeled printed results. Not only powerful tools to 
decrypt the eee of others, they can also test 
the strength of YOUR CIPHERS; and to develop 
data compression methods - increase data entry 
sizes and memory spe efficiency! Tables in- 
clude detailed I-, 2- a aoe Statistics of typi- 
cal text. Includes reviews o 


cryptanalysis books. 
Publication: ONL 


Plus 5.25" IBM- 


UTE COMPUTER SECURITY does, 





DISK SERVICE MANUAL II | COMPUTER PHREAKINGII | PRINTER & PLOTTER MANUAL II 


Printers and plotters are costly, with little rela- 
tionship between cos: aad and capability! 
P R & PLOTTER IAL I describes: 

@ The physical attgibutes, features and control 
codes of popular printers and plotters. Many cost- 
saving tips and recommendations in their purchase 


and operation. 
@ NEWII 100+ printer/computer interfaces des- 
cribed (parallel serial). Includes specific con- 


nector pin-outs, and DIP switch and jumper settings. 


pence lem areas ot how to correct them. 
w to make memory ades. 

@ NEWII Much enter descriptions and new 

RIAL-TO-P, EL, PAR- 

and X-SWITCHER 


@ NEWIlI: “Much additional up-to-date informa- 
tion on all yer of printers and plotters. COM- 
PLETELY RE = 100%+ more material - 


“@ Pin-outs cf CENTRONICS PARALLEL, RS- 
2C, RS-422A, and 20 MA CURRENT LOOP cor® 
— S pene and null-modem cables, 
x 
t! sections 
PLOTTER TYP! 


devoted to PRINTER 
EXPANDING MEMORY, 
ONIC _TYPEW: 


TRACTOR-FEED, 
DOT-MATRIX, 


D. 
LAS: ROL 
WORDPROCESSING, 
TIME-OUT PROBLE 
TABLET, 


VERTISING, 


Comprehensive and exhaustive - many illustra- 
tions and photographs: ONLY $15 


SUPER RE-INKING METHOD 


New printer/typewriter cartridge ribbons are cost- ¢ 
ly - yet may produce less than 5 hours of quality § 


copy! And are an inconvenience to order - when 
you can find them! Now, you can re-ink your own 
cloth ribbons to last about 10 hours of quality use 
for about 50 cents and 10 minutes of effort per rib- 
bon. Not any ink will dol We developed the right 
combination of clay-free ink and carrier - both 
commonly and orgs oe Par eres from stores 
in black and four colors. 


IONEY ON RIBBONSII ONLY 


COPIER MANUAL 


The total cost of a modern photocopier can exceed 
that of a new car! Yet, copier prices and brand 
names have little to do with features and quality! 
Until COPIER MANUAL, almost nothing was avai 
able for you to compare copiers for features,.quali- 
ty, and price. Modern copiers are dropping in pric- 
es, and have substantially increased features and 
boar COPIER MANUAL describes in detail: 

@ Evaluations of dozens of features, and prices 
of over 100 popular modern iers manufactured 
and-or sold Py A.B. DIC! ION, GESTETNER, 
PITNEY BOWES, acon, ROYAL, ©, SAVIN; 
SHARP, 3M, TOSHIBA; and.XEROXII Also includes 
evaluations of dozens of quality factors of many of 
these copiers exhaustively tested by us. 


Complete! described and illustrated. STOP WAST- 
ING $7 


@ Our evaluations of each major copier manu- § 


facturer, which ones we recommend, and their ad- 
dresses. 
disadvantages - of the copier we recommend as 
the best buy for an office copier. 

@ Dozens of little known facts and tips on copi- 
er selection and operation. How to make substan- . 
tial savings on purchases, maintenance, repairs 
and supplies. How to extend copier and drum life. 
Where to get cheaper supplies - what you can and 
cannot recycle. 
debunked! 

@ How modern xerographic copiers work, in- 
cluding the multi-color copier. Fully illustrated. 
Largely derived from the 

Includes all factors that impact copy quali- 


U. 
v- f Recent and very exciting future copier ¢ 
velo 


ments. 

@ The optimum combination of paper and ink 
color to protect YOUR copyrighted publications 
and classified data from unauthorized use. How to 
copyright publications. 

rank, comprehensive and exhaustive. Dozens 
of illustrations, photographs, and tables. Designed § 
to save YOU § Thousands. ONLY $17 


Please Order Toda 


‘ludes complete plans % 
for _ own el cheapo motor-driven re-inker. 


An indepth evaluation - advantages and 3 


Popular copier myths soundly @ 


ANON SERVICE MAN- § 


{ 




















INTRODUCTION | 


One of the most pressing needs in all computer systems is computer 
security. The penetration of a computer system can cause devastat- 
ing losses. These losses include losses in personal privacy, equip- 
ment, capobility, money, time and opportunity. onetary losses 
due to computer-related crimes range from $100 Million to $100 
Billion per year, and increase by about 100% pes year! The lower 
and upper figures result depending upon what is counted as a com- 
puter-related crime and which expert you choose to believe. Com- 
re these amounts to the $50 Million stolen per year due to armed 
ank robberies, and the $100 Million stolen per year due to credit 
card frauds. And the trend towards distributed systems present 
many new possibilities for security and privacy violations. 












Computer criminals are becoming increasingly sophisticated and 
learned in their practices. According to the FBI, only about 1% of 
all computer crimes are ever discoverd, and of those discovered, 
less than 5% lead to convictions! Clearly, computer crime does| 
pay and does pay very well! * 3 

















The worse computer failures can cause world war, economic col- 
lapse, nuclear-power-plant meltdown; or massive-blackeuts! The 
failures can be caused by many factors. One major factor is the de- 
liberate result or accidental byproduct of a computer crime. 
Computer crime or "Phreaking" as a crime category is no doubt the 
most lucrative and least risky of all crime categories. The average 
"take" in a computer crime is 30 times greater than the average 
take from all other crimes. Little of it is reported on the news, 
and those cases reported are generally the more amateurish 
attempts. 


"Phreaking" is what a "Phreak" does. In the 1960s, groups of hippies 
radicals, etc., bored with the middle and upper class successes © 
their families, engaged in wild, daring, and dangerous activities. 
These activities included ripping-off (originally a hippie term) Ma 
Bell ay making free long distance and pay phone calls, using home-} 
built, handheld Blue and Red boxes, respectively. These perpetra- 
tors became known as "Phone Freaks," and later, as "Phreaks." 



































Their "official" newsletter, TAP, went out of business in 1984. 
TAP was founded by Abbie Hoffman and some of his yippie friends. 
TAP published 92 very controversial issues on technological defeats 
of all kinds, but particularly focused upon telephone and (later) com- 
puter phreaking. Although we strongly disagreed with TAP's left- 
wing slant, it was one of the hottest sources of specific plans for 
technological defeats and difficult-to-find information - a real 
treasure - every issue well worth its price! 


Just before TAP died, 2600 was born. 2600 is published by 2600 
ENTERPRISES, P.O. Box 762, Middle Island, NY 11953. It's two 
BBS numbers are 201-366-4431 and 516-751-2600. 2600 is sort of 
the yuppie version of TAP. On one hand, 2600 is not as explicit as 

‘AP was, and it contains very few plans and schematics, and it is 
not as funky. On the other hand, 2600 is better Faas better 
formatted, is much easier to read and has substantially more infor- 
mation. 2600 is also totally dedicated to phone and computer tech- 
nology and phreaking. 


One publication that we strongly advise that ye AVOID is 
COMPUTEL, Van Nuys, CA. Heavily advertised, COMPUTEL appar- 
ently never fills orders, and their exact function is unknown. 


As the 1980s arrived, Ma Bell considerably tightened security, and 
Red and Blue Box phreaking has apparently leveled off. The pri- 
mary phone a dapatily | objective to ay is credit card fraud. For ex- 
ample, one lady was billed $109,000 for 15,000+ credit card calls in 
one month using her credit card number, which, apparently, some- 
one had overheard her say. Ma Bell readjusted her bill to $47! We 
hear of similar cases almost on a weekly basis. 


With the increasing use and sophistication of micros (microcomput- 
ers) and modems - particularly the portable and transportable kinds 
- communications petiesn a systems using measalghones 
hook-Gps have also increased. So has the quantity and quality o 
the attempts by computer phreaks to penetrate large computer sys- 
tems. ~ Hundreds of computer Bulletin Boards (BBSs) now flouri 
all over the country. These permit computerists to use their com 
puters to post messages and software accessible by those permit- 
ted to use the BBS (which may include the general public or be lim 
ited to some type of club, business or other special arrangement). 





Most of the BBS phone traffic is legal, but much of it is question 
able, and some clearly illegal. The primary purpose of phreak BBSs 
is to transfer information of mostly alegsl Polications such as cre 
dit card numbers, passwords, copyrighted software, etc., and to put 
ople in contact with each other with like vestionable or illegal 
intentions. Meee a the increased use of BBSs to facilitate crim 
inal activity, is the increased activity of some people to use this in- 
formation, and to develop their own, to penetrate systems not in- 
tended for their use. 



















































































































COMPUTER PHREAKING II 1 


The FBI and other legal authorities, and Ma Bell security are more| 
closely scrutinizing the activities of BBSs. BBSs have been raided 
and shut down. Sting operations have been set up. Suspected BBSs 
are regularly monitored while necely all others are periodically 
examined to gain intelligence on phreaks, and those associated 
with underground radical organizations. - 


The Red and Blue Box phreak of yesterday has evolved into the com- 
op phreak of today. He is daring, intelligent and knowledgeable. 
le may be reckless, or cool and systematic. He is usually youn 
single, white, male, upper middle class, from a "good home," highly 
intelligent and a g student. The term, "whiz kid" is often used 
to describe him. : 


COMPUTER PHREAKING | 


The term, “computer phreaking" refers to any. criminal or non-crim- 
inal abuse of computers - whether by so-called "hackers," by offi- 
cers and employees, by a Rate police agencies, or by anyone else.| 
We do not use-the term; “computer hacking," because it-refers to) 
two things: 

(1) Computer phreaking by penetrating computer systems thru’ 
the phone lines. 

(2) Any obsessive use of computers - 





particularly programming. 


(1) is too narrow of a definition for COMPUTER PHREAKING 
and (2) implies neither crimes nor abuses. 










\ 


Ms, 


otk ee psy has steadily evolved from abusing a computer| 
and Ma Bell to penetrate other computer systems ala WAR GAMES, | 
to a generalized term to cover all crimes and abuses in which a com-| 
puter is programmed to act as an accomplice - even if it means its! 
own destruction. This eliminates computer crime categories in, 
which the computer does not actively participate (ex: the conser 
or destruction of computers by explosives and by other types of| 
physical attack). The grey area here are crimes in which some: 
minor function of the computer is required to complete the crime 
(ex: damaging ATMs by feeding them slices of cisauet i 
















Today, the bulk of computer heeking is done by officers and em-| 
ployees of the Government, financial institutions, and large corpor-| 
ations, for themselves or the institution which pba them, with 
little or no association with whiz kids, hippies, long distance phone’ 
calls and BBSs. | 


What, exactly, is a computer crime? Depends on who you ask..| 
Even the Government doesn't have a clear and complete definition! 
The Government's general definiton is: . | 


COMPUTER CRIME: "Any fraud, embezzlement, theft, extortion, 
larceny, espionage, or sabotage involving computers and associated) 
equipment, services, networks, information a products." i 


) 













There are virtually endless variations - many of which are grey] 
areas. For example, is it c crime for a person to penetrate TRW to) 
examine his own files and to correct mistakes in them? For exam-' 

le, if you own a BBS, and, unknown to you someone places illegal 
information on it. Are you guilty of a crime? 









What is a non-criminal computer abuse? Again, a lot of confusion, 
and controversy. For example, is it an abuse when TRW transfers) 
your detailed private and personal computerized records to some-| 
one who pays TRW for them? It's certainly not against the law, 
even though many pear feel that it ought to be. For example, a’ 
physician kills your child thru malpractice. You sue and win.. Is it 
an abuse if the physician's computer service notifies all physicians 
in your area about your case, and based upon that information, no! 
one will treat your fomily in your area? Again, this is not against | 
the law but most people would consider it to be an abuse that ought | 
to be against the law. 


The truth is that SOME crimes pay, and pay big! The criminal cate-| 
gories which are most lucrative are narcotics, illegal gambling, 
stock manipulation, and computer crimes - all of which require com- 
puters to some extent! While sophisticated computer criminals re- 
quire the rare degrees of intelligence, knowledge, know-how, dar-| 
ing ond finesse of a world-class cat purgict. the rewards can be as- 
tronomical with little risks involved. More than any other crime,| 
the SYSTEM deliberately protects the computer criminal! One FBI) 
agent stated that the risk of going to jail for a computer crime is 
less than one in 10,000. 
































One of the rare 
lamented, "Why 
year, which makes $ 


rofessional computer criminals who was cau ht, § 
should I work for a large corporation for $60,000 a) 
Millions in profits from my talents, when I can} 








COMPUTER PHREAKING II 2 


make those $ Millions for myself?" The temptations are enormous! 
At the fingertips of many computer experts is literally $ Millions! 
It takes a rare individual to resist that kind of temptation! 














Sophisticated computer crimes are difficult - sometimes virtually 
impossible - to discover because of the extreme complexity of 
many large computer systems and networks, the ability to program 
computers to act as one's accomplice, the difficulty to determine 
who made what entries, the lack of audit trails, and the auditor's 
forced reliance upon the people being audited. Some experts be- 
lieve that less than 1% of all computer crimes over $1,000 are ever 
ak again as crimes! More often than not, the money simply van- 
shes without even a clue as to what happened to it. most glar- 
ing example of this is the $ Billions of tax monies that literally van- 
ished from the Government Service Administration (GSA) over a re- 
cent 5-year period. Most computer criminals who are caught AND 
punished fall into three main categories: 


(1) THE RANK “AMATEUR: ~ Usually a-clerk:—Strictly small-pota- 

toes. Usual modus operandi is adding, ie a or deleting trans- 
actions. Lacks the position and power of the executive to obtain 
the dispensation designed for the privileged few. 


(2 

® student whizzes) who is very intelligent and knowledgeable, but 
lacks the experience, cover, position, power, sources of informa- 
tion, and appreciation for secrecy to go long without being discov- 
ered. eure: modus operandi is penetrating computer systems and 
networks through modem/phone hook-ups. 


(3) THE UNLUCKY PRO: If an employee, he is usually an officer, 
executive, or computer, accounting or engineering professional. 
He is usually tripped-up by a careless loose end or fluke, or by a dis- 
runtled or braggard accomplice or accessory. Usual modus operan- 
i are software modification, phone penetration, and employee com- 
promise. The Unlucky Pro is least likely to be caught and prose- 
cuted, and most likely to steal in the $ Millions. 


LACK OF PUBLICITY) 















































$10,000 than the Government contractor who rips-off $10,000,000 


ry of $ Millions! 


formed about computer crimes because: 


get 
(2) Institutions shun bad publicit 


like the pl 
worse than the Tevelation that $ 


illions have been ripp 


Pi 
Comptroller of the Currency 
Law. Other financial institutions are likewise ripped-off: 
ance companies, investment firms, 
etc. Since financial institutions are the major 


cated computer crimes. 

















phreaking. Yet, few people were arrested for these crimes. 


ant but thoroughly entrenched mentality is clearly counter-pr 
ive, if not insane. This mentality is about as stupid as accusin 
Crime stooges of vag i burglaries! I suspect that the rea 
motivation for keeping the public ignorant of hi 

lar crimes is that computer and ot 


dictionaries don't even carry the 
terms. 


lions of Americans!! 





COMPLEX AND DIFFICULT TO DISCOVER 


THE COMPUTER WHIZ KID: Usually a student whiz (or group! 


Just as you hear a lot more about the welfare mother who ha 


a lot more media space is devoted to the whiz kid who changes a "C" 
to an "A" than to the sophisticated and slick computer criminal) 
who bleeds the Government, a large corporation, or even an indust- 


The public MUST be informed before citizens can be expected to| 
take adequate action to stop computer crimes for the same reason 
that the public is informed about other crimes. The perpetrators of 
these crimes already know how to successfully commit them. This 
information is for the citizen who simply wants to be kept in- 
formed about all things that impact his life. The public is NOT in- 


(1) Computer crimes are complex. The news media feels that if a 
mar can't be explained in 15 seconds to a grade-schooler, then for- 
t. 


ve! No publicity is 
ed-off by a 
computer criminal. In fact, according to Thomas Whiteside in COM- 

UTER CAPERS, banks do not always report such crimes to the 
as they are required to do by Federal 
insur- 
savings and loans, credit unions, 
part of the power 
structure that .controls the traditional newsmedia, the traditional 
newsmedia will seldomly publish significant information on sophisti- 
In 1985, banks failed at record rates - 
most of these failures were at least partly caused by computer 


(3). Likewise, the powerful financial institutions, will NEVER per- 
mit the unwashed public to attend classes or schools that teach how 
to discover, document and prevent computer crimes! Such a ignor- 
uct- 


-level white-col- 
rt crimes perpetrated by offi-| 
cers and executives are rampant in Government and industry, and a 
knowledgeable public would soon discover and attempt to stop them! 
all as well. This conspiracy of silence is so complete that computer} 
most common computer crime 
Out-of-sight, out-of-mind, and out of the pockets of mil-| 











































































I. MANIPULATION OF 





| Tes FEW.PROSECUTIONS| 
Most computer criminals who ore caught are either shortly re- 
leased, or punished at a level much less than what the actual mag-| 
nitude of the crime calls for, for several ‘reasons: | 










(1) Computer crimes, even when discovered, are probably the most, 
under-reported crime of all crimes. Most computer ‘crimes are in- 
side jobs. The suspected officer or employee is terminated (some- 
times with excellent recommendations), ed off, retired, trans- 
ferred or promoted! Ironically, the more hi y laced the criminal, 
and thus the more responsible he should be fa, the least severe 
his punishment will be - even though highly placed computer crimin- 
ped average far more in their thefts than all other computer crimin- 
a 














s! 
The gtk laced computer criminal is in the unique position to 
intimidate his bosses (by threatening public exposure, expensive law- 
suits, etc.) into becoming very reluctant to cause him any real harm, 
in effect making them accessori¢s after the fact to his crimes! 


(2) As stated in the GODFATHER, one man with a briefcase can) 
rob more money than 100 men with guns! Computer crimes are the 
rich man's white collar crime, which traditionally gets winked at| 
by the legal establishment. 

I call this the “Nixon Phenomenon." Virtually everyone around) 
President Nixon involved in Watergate went to jail. Nixon was re- 
tired with a very fat pension. Another example was John Hinckley, 
Jr., who tried to assassinate President Reagan. He was found in-| 
nocent due to reasons of insane family wealth! We will never put) 
an end to the sophisticated rip-off schemes of the rich and powerful 
until we, as a people, get over the stupid and self-destructive atti-) 
tude of | gids va, preferential treatment and sentencing of rich and, 
powerful crooks. | 


(3) Most juries today consists of people who feel that they have no-; 
thing better to do - largely the poor, the’ unemployed woe and. 
aged! Too mony white collar professionals shirk their citizen duties!’ 
The sophistication of these crimes even beagles the minds of com-; 
perer experts! Most judges and almost all jurors cannot compre-) 
end how a sophisticated computer crime was actually committed!) 
A fair trial is not even possible! Also, the Hearsay and Best Evi-| § 
dence procedural rules are difficult to overcome. Read COMPUT- 
ER CRIME, August Bequai, for more information. 































(4) Highly successful computer criminals, when tried, result in sen-, 
sational trials. Because of pressure largely applied by the financial’ § 
establishment, most DAs will let a savvy computer criminal get} 
away virtually scott-free rather than risk the chance that his meth-' 
ods and-or successes will become public record, or part of the unof- 
ficial curriculum at Prison U. The successful computer criminal is) 


often rewarded with a life of luxury and a best selling book. 


(5) Anyone who rips-off a financial institution, large corporation or! 
povarnnentay body automatically acquires an almost cult following 

y the many who hate and distrust large institutions. No matter his 
motive, he becomes regarded as a Robin Hood! Many copy-cats 
can then be expected. 


MODUS OPERANDI 


Several computer fraud modus operandi are particularly popular. 
In order of frequency of occurrence, the three most common are: 
I. MANIPULATION OF INPUT TRANSACTIONS. 
II. UNAUTHORIZED SOFTWARE MODIFICATIONS. 
Ill. UNAUTHORIZED FILE ALTERATIONS. | 


































Many computer frauds are not used to obtain money directly, but | 
to obtain, add, delete or change information which usually converts 
into money at a later time. | 


INPUT TRANSACTIONS 


Input manipulation is most common because it is simplest to do,| 
even though several steps may be involved, and it is most accessi-| 
ble to computer operators. The most common ways of manipulat-' g 
ing the input are: 
(A) ENTERING UNAUTHORIZED TRANSACTIONS 
(B) FAILURE TO ENTER TRANSACTIONS | 
(C) ENTERING DOCTORED TRANSACTIONS | 
(D) ADJUSTMENT TRANSACTION ABUSE 
(E) ERROR-CORRECTION ABUSE 



























(A) ENTERING UNAUTHORIZED TRANSACTIONS: Making up bo- 
gus transactions and getting them accepted by the computer system) 
is a ploy used in about 70% of all employee computer crimes. One 
method is to enter unauthorized financial transactions to benefit 
the perpetrator. Another is to enter a bogus file maintenance trans- 
action that changes a data key(s) in some way for later exploita-' 
tion. Some methods used are: 






COMPUTER PHREAKING II 3 


(1) In systems that process customer accounts (banking deposits,| 
account receivables, etc.), the perpetrator enters an extra payment. 
to benefit his account. The payment is then usually withdrawn as, 
cash, transferred to another account, or used to cover a check, 
credit or debit transaction. 

(2) The addition of an entirely new Master File record in a recur- 
ting —— application is another common fraud ploy. By ad- 
ding ficticious employees, taxpayers, welfare recipients, pensioners, 
salesmen, vendors, customers, patients, etc., the perpetrator can 
set himself up to receive-regular payments. 

(3) The perpetrator may add s file maintenance transactions 
whic me y data in file. EXAMPLE 1: The name, address, 
or status of a target, who receives periodic trek is changed 
to that of the perpetrator to divert payment. AMPLE 2: One's 
credit or debit limit is raised to be able to buy more without hav- 
ing to be pressured to pay. 3: account status is 
changed in a manner to obtain special privileges, such as access to 
software or data files, unreported overdrafts, etc. 


(B) FAILURE TO ENTER TRANSACTIONS: The perpetrator does| 
not enter transactions that may cause payment from his account. 
Common examples are check processing clerks who destroy their 
own cancelled checks before they are debited from their account,| 
and clerks who cancel their own bills. File maintenance transac- 
tions can also be dishonestly excluded to not reflect charges or deb- 
o, pT methods speed Some ee — sed td 
e perpetrator intercepts an stroys charges against his 

account before they are debited. 
(2) The perpetrator fails to post a change In the status of a tar- 
t. For example, a pensioner dies but payments are continued in-| 
er because the perpetrator destroys the status-change trans-| 
action. 
A variation of (2) is to combine the failure to post a change 


| 





3) 

F a substitution. EXAMPLE 1: The perpetrator then may dev- 
ise a mame and-or address change transaction to divert the dead 
pensioner's payments to himself. EXAMPLE 2: In a banking or ac-'| 
counts receivable fraud, the perpetrator may switch charges from 
his account to target accounts. 


(C) ENTERING DOCTORED TRANSACTIONS: This ploy is identi-, 
cal to (3) above except that no maintenance transaction involving a| 
key data change(s) was required to begin with. The number of trans- 
actions remain constant. Some methods used are: 

(1) The most common ploy is to alter the amount of a proper) 
money transaction either y increasing the amount of payment or! 
by decreasing the amount of charge. Kiting a check is a good exam- 
ple. 





(2) Another ploy is to change key data on file maintenance traris-; 
actions to net substantial benefits. EXAMPLE 1: Changing the 
name/address on a credit or debit account to divert a new card to 
the perpetrator. EXAMPLE 2: Changing the account credit status 
on a file maintenance transaction to pros unauthorized on om 
to the trator. EX 3: C onging the address of a vendor) 
record so that payments destined for the vendor are received by 
the perpetrator. EXAMPLE 4:/ Changing the monthly closing date 
on an account so that the account is never allowed to close. 

In credit and debit card applications, legitimate name and ad- 
dress changes are frequent due to marriage, divorce, transfer, etc.| 
Such changes require a new card. The phreoker will disguise his) 
fraud as one such change. 

(3) One of the most difficult to detect transaction mod. schemes| 
involves exploiting universal file maintenance transactions. This is 
a transaction that instructs the computer to change the correspond- 
ing master file key data for any and all fields specified by the trans- 
action - to make sweeping changes of many or all files. This ploy is 
used by a disgruntled employee to sabotage, to smoke-screen the in- 
tended fraud (which may be of the same type or different), or to 
pull-off a massive rip-off! 


Abuse of adjustment 


(D) ADJUSTMENT TRANSACTION ABUSE: 
The term, 


transactions is common to input manipulation methods. 


"adjustment" refers to correcting past monetary errors from what-| 


Adjustment transactions are often processed 
verification, some- 
Some methods 


ever their source. 
quickly and routinely, and without satisfactor 
aepee resulting in a fraud of massive dimensions. 
used are: 

(1) The most common ploy used in systems which don't verif 
the transaction is to initiore ogus adjustments. EXAMPLE 1: Ad 
justments are made to a department store account to show that 
the items were returned. AMPLE 2: Customer accounts are ad- 
justed to indicate increased debt. EXAMPLE 3: .Vendor accounts 
are adjusted to indicate increased debt. EXAMPLE 4: Bank ac- 
counts are adjusted to increase balances. EXAMPLE 5: Credit 








card accounts are adjusted to enter conta 4 unrecorded payments 
made, or to correct supposively incorrect charges. EXAM 6: 
Adjustments are made to enter stolen items as damaged or lost. 





a me 





(2) Adjusting inactive or dormant accounts to transfer money § 
from them to other accounts. Continued postings to inactive ac-) 
counts may indicate this ploy. 


(E) ERROR-CORRECTION ABUSE: Error-correcting abuse may 
be a part of other types of manipulations. Some methods used are: 

(1) Errors are frequent and adjustment to correct errors do not 
immediately follow detection. Rip-offs can be disguised as com- 
pound errors. Errors are often difficult to detect because the fig- 
ures derived by the output reconciliation clerk is based upon a dif- 
ferent time frame than the figures of the adjustment clerk. Such 
confusion has resulted in large-scale frauds. 

(2) Enterring corrections when no error exists. The correction 
of key data errors normally do not become a permanent part of the 
record. If monetary corrections receive the same treatment, fraud 
can be easily perpetrated and hidden. 

Errors are staged as an excuse to access files on the pretext 
of error-correcting. ; & 

(4) Exploiting program controls which reject transactions con- 


telnieg invalid data to prevent valid transactions from being pro- 
cessed. The trator simply makes an unauthorized change an 
the transaction so that the computer will. Sefect it. 


Il. SOFTWARE MODIFICATIONS, 
Software mod. schemes are the most insidious and difficult to de-] 
tect. The reported cases of such frauds are relatively low, imply- | 
ing that only a small percentage of them are detected. Some soft 
ware mods. are almost untraceable, while almost all others ore dif- 
ficult to detect. The rewards are much higher than with most other | 
types of computer crime, while the risk of detection - much less 
prosecution - is slim. 


Anyone with programming skills who has access to a computer and | 
software which can be used “4 the computer, can zap the software. | 
The perpetrator may be employed as a computer operator or pro- 
grammer, but not necessarily so. The extent of his computer skills | 
may not even be known to his colleagues and bosses. 


The computer may be a different one than the one that the soft- 
ware is intended to operate with. EXAMPLE I: The perpetrator 
borrows a programmed diskette and takes it home (or transmits the 
programs and-or data over the phone to his home computer). He: 
zaps the software in the privacy of his home, then returns it to 
where the got it. The mod. may only require a change of one to. 
several lines of gp oma ay code. In fact, it usually takes longer’ 
to pinpoint what code has to be zapped than to make the actual. 
mods. The change of even a few characters of code that is r t-| 
edly executed in a monetary transaction routine, can often bring 
the perpetrator enormous wealth. EXAMPLE 2: The perpetrator 
installs a trojan horse or logic bomb in the OS, in a uthity orina 
critical applications program. pas 





| 


The fraud strategies used by perpetrators that are particularly ad- 
aptable to software mod.: “ i 


AGE 
UNDOCUMENTED TRANSACTION CODES 
BALANCE MANIPULATION 
PURPO MISPOSTING 


SEFUL 
FILE MODIFICATION __. 
MANIPULATING CONTROL TOTALS 


(A) BREAKAGE: Breakage (the salami technique) is most effect- 
ive when incorporated in a routine which computes interest on sav- 
ings. The perpetrator zaps the software so that the computer ac- 
cumulates round-off amounts, and possibly other small amounts, 
and then transfers them to his account. This fraud is difficult to. 
detect because the predetermined control totals and the final total 
amounts will agree. The target is not likely to detect the 0p 
ancy or complain because the amount stolen from him may be only 
a penny or so. 


(B) UNDOCUMENTED TRANSACTION CODES: the software is 
zapped to accept undocumented transactions, which may be very 
large. Once the program is "fixed" to accept them, it may. also be 
zapped to — undocumented bogus transactions, or they may 
be enterred the normal ways. The “normal ways" may consist of 
compromising a clerk, or slipping-in an extra card into a batch pro- 
cess. In many cases, other routines are also ar so that the bo- 
gus transactions are not oh out, displayed, or subjected to 
credit/debit totals, or to "hash" totals. The software may also be 
zapped to erase all traces of the bogus transactions - including 
parts of the program if the program is listed. In such cases, detec- 
tion is extremedy- difficult. The money literally vanishes without a 
trace! 


(C) BALANCE MANIPULATION: The plain vanilla balance manipu- 
lation entails simply changing the balance. In which case, the sum 
of the current-day closing balances will be off ~ the amount of 
the change - whether or not the totals of input items and dollar 
amounts agree with the authorized totals. A perpetrator may zap 
the various programs or routines to moke the daily balances and to- 
tals appear correct. The routines most subject to mods. are the 
printer and verification routines. 


=F 


WMO OOWD 


oom 








COMPUTER PHREAKINGII 4 


(D) PURPOSEFUL MISPOSTING: Software can be zapped to auto- 
matically either fail to post a charge, post the charge to the wrong 
account, or post a bogus credit. This usually results in target com- 
Eventually, the pe 
scene of the crime‘ to correct the misposting. Purposeful mispost- 
ing is the major source of error, that, all along you have been told 
To continue the fraud, the perpetrator 
may resort to lapping. He may even install his own software to 
automatically correct his last misposting, and to select his next tar- 
et. The perpetrator may menigucts ash totals to cover up hi 
toud. Detection may be extre 


plaints. 


was a "computer error.” 


(E) FILE MODIFICATION: 
changes in account status. 
sequent fraudulent be he sed exercised and destroyed without 


a trace. Printer routines may 
out of earmarked file data, such as past-due status. Privileges 


may be changed. 


(F),. MANIPULATING.--CONTRGL -TOTALS:.-— Generally. - combined-- 
with other schemes. Control totals are changed to cafe 

conditions, to cover up frauds detected by control totals. This 
fraud is usually very difficult and costly to detect, usually requir- 
ing indepth historical reconstructions. 


Ul. UNAUTHORIZED FILE ALTERATIONS 


Most file alterations schemes are just bastardizations of input 
manipulation and software mod. schemes. Some variations exist: 


(A) A common scheme is to access a master file using either the 
normal program or a utility, and then secretly changing the file. 
Changes could include monetary amounts or key data. 


(B) Substituting the master file with a mutant. The perpetrator ob- 
tains access to the master file, supposively for test purposes. He 
then uses a body snatcher to create the mutant. 


(C) Accessing .and zapping transaction files prior to normal process- 
_ing, thus adding, deleting or changing them. 


HOW PHREAKS ZAP SOFTWARE) | 


Accounts con then be opened for sub- 
















trator must usually ‘return to the 


mely difficult. 


Software is zapped to moke secret 


e changed to prevent the printing 


ct correct 






























Programs most likely to be zapped for fraudulent purposes are} 

those which are large, -complex, little documented, accessible to) 

more than one programmer, and critical to accomplish the purpose. 

Unauthorized ace may be either temporary (present during a dis- 
° 


crete number 
Some common schemes: 


program cycles), or permanent mods. of code. 


(1) In systems which have little or no controls for program mods., 


the perpetrator simply zaps the program when he wishes. 


| 


(2) Where controls exists, the perpetrator may secretly zap the. 


software, usually when in use by another programmer. 


| 
| 
| 


(3) When the opportunities are most favorable, such as during a re-; 
start, recovery or emergency debugging operation. 





(4) In conjunction with authorized mods. While modifying a pro- 
gram, the perpetrator slips in unauthorized changes. 


(>) Undefined data fields built into master files are used in some| 


rauds. Undefined data fields usually result when the software i 
designed to permit future expansion, or when a data field is no lon 
er used. Or they may be created by the Fw vat enbr Their main 
purpose is to help him keep track of his fr 
record may or may not be encrypted. The encryption scheme may) 
be sophisticated. The perpetrator may even create an entire new) 
master file just to maintain his target accounts. | 








| 
(6) By ceteris the system using a modem/phone hook-up and 
some scheme to defeat security. Once inside the system with a, 
privileged access rating, he can.then zap the OS, programs and 


data. 


LOGIC BOMBS 


s fraudulent activity. This 





Logic bombs can be embedded in the OS, a utility, an applications 
program and even in the data itself. Logic bombs have been de- 
signed to serve these purposes: 


(1) To delete all or most personnel files if a certain name is erased 
rom the files first. The rationale here is that if I'm fired, you will 
delete my name from the personnel files, and I'll get my revenge. 
However, if I transfer or retire, I'll remove the logic bomb first. 








































| 
| 





(2) To-guarantee that I get paid for software that I develop for you.| 


A logic bomb here pecs a certain number of safe executions of, 


a program so that t 


e prospective buyer can determine whether or 


not the program is suitable to him. Some customers have the bad 
habit of ripping-off software from independent developers. The 
logic bomb protects the designer because it destroys the program) 


and-or data ofter a certain number of: executions or 


by a certain 


time Li pone reads the computer's date) unless it has been dis- 
first. It 


arme: 


is disarmed only after it is paid for in full. 


(3) A: truly vicious application of logic bombs is occurring in some| 
public domain software widely posted on BBSs for general consump- 
tion. When the software is run, it automatically reformats files 


and-or overloads the system to create hardware failures. 


Once 


a a message such as “Arf Arf!" or "Gotchal" is displayed. See 


June 24, 1986 issue, P. 287, 
program (IBM-PC and compatibles) that ins 
programs for messages so that you can 
programs. ¥ 


M4 se ex -s 


3 


e€ 


for a countermeasure 
ects /EXE and /COM 
rret out destructive 





(4) Logic bombs can be-buried in data or triggered by data. Hiding 
a logic bomb in data has two major advantages. First, it's not a 
lace usually suspected for logic bombs. Second, data files are typ- 


-ically--orders of magnitude larger than the 


them, wasing it more difficult to find where | 
al applications major can exceed 1 


den (a typic 


can exceed 6M bytes). Two major techniques: 
isguised as data. When the computer 
loads the data into memory to process it, a jump or call is made 


A) A software routine is 


programs that service 
ic bombs are hid- 
OK bytes, and OSs, 


to 


a starting address in it, and it is then executed oe of the pro-| 
suall 


am. It then erases files, reformats drives, etc. 
n the data will cause the special jump or call - else t 


will treat the data as just data. 


, a trigger} 
program! 


(B) A trigger in the data causes a jump or call to a section of 


the program, 


S or a utility that will do the damage. 


(5) Logic bombs can be remotely placed. One programmer set up! 


his firm's computer so that he could access it 


rom his home: 


IBM-PC. He then peppered the OS, utilities, application programs; 
and data files with logic bombs that would activate unless he per- 
sonally "defused" them on a schedule known only to him. He then 
semenee top re together, and demonstrated to them why 


ie was indispensab 


e to the firm. They then promoted him, doub- 


led his salary, and gave him a whopping bonus and a written guaran- 
tee of lifetime employment! He comes to work now and then to de- 


fuse one of his logic bombs. 


TROJAN HORSES: 


Just as with a logic bomb, the "programming events" that trigger a! 
trojan horse may include the date, the amount of time the program 
is run, a data entry or combination of data entries, the calling of a! 


legitimate routine or combination of routines, or 


by certain key-! 


board entries. The trojan horse is designed to periodically inspect, 


for these programming events, and, upon 


their occurrence, to; 


launch into special routines. Trojan horses are mostly used to de-' 
fraud while logic bombs are mostly used to sabotage. 


For example, when the targeted combination of programming 


events occur, the trojan horse in a bank's savings accounts 


ogram 


activates. It transfers a huge quantity of money to a another ac- 
count. It then changes or erases both itself from the program and 
the record of to whom the money was transferred. The money liter- 
ally disappears with little or no trace! Trojan horses ore usually dif- 
ficult to detect in program code, and to prevent. | 


How destructive can trojan horses be? The type of penetration de- 
picted in WAR GAMES is virtually impossible. However, what if, 
the Soviets penetrate our missile systems and plant trojan horses in 
the extremely complex software that controls the launching of our 


intercontinental ballistic missiles? When we try to launc 


these 


missiles against the Soviet Union, the Soviet trojan horses are act- 
ivated, co-ordinates are changed, and our missiles destroy our own, 


cities, or fail to launch! Were the Korean Airline 
tim of a Soviet trojan horse implanted in the 


ance computers - the same type of Inertial 
in our jets and missiles? 


passengers a vic- 
lane's Inertial Guid-| 
vidance System used 


Trojan horses operate on a continuous basis, usually to steal money| 
or information, or to acquire special system privileges. University] 
of California at Berkeley students used a trojan horse to imperson-| 
ate other users and terminals in a time-sharing computer there. 
By doing so, they were able to acquire the privilege levels of the 
impersonated users, as well as their files and programs. 


| 
Preventing trojan horses is virtually impossible. Anyone with the; 
knowledge to write one and the access to the equipment can embed) 
the OS or any other program with a trojan horse - consisting of as| 
little as a few dozen bytes of code. Trojan horses can be inserted 
and deleted within a few seconds of time, either from a keyboard or 


from some other program or storage medium. 









EMI AND AUDIO EMANATIONS:| 


TEMPEST is a Government program (NSA), started in the mid-1950s, 
to minimize the emanations (EMI and audio) given off by computer) 
+ \peanne cables, etc. These emanations can be easily intercept- 
ed, processed and reproduced typically from up-to 300 meters (up- 
to 1.25 miles have been reported under ideal conditions). Thus, com- 
puter security is vulnerable to remote attack. Except for some 
Government computers, until lately, the computer-emanations pro- 
blem has been universally ignored. The Government now tests and 
approves equipment that meet the TEMPEST standards. 








To eavesdrop onto computer commos, all one needs is a radio re- 
ceiver (A W), a mike and a cassette recorder. Digital data is 
picked up as a chirp-chirp noise. Don't believe me? Place an AM 
pocket radio near your keyboard and listen to noise changes as you 
enter data. Or an inductive loop eon with a low-gain buffer 
amplifier, placed in the vicinity of a digital phone line or connec- 
tion, can produce quality recorded signals that can be analyzed 
later. Filtration of the tones separates the caller and the called. 
A storage oscilloscope can then be used to penne # bits, characters 
and words. After strippina off the star* and stop bits, one can then 
obtain the data itself. Not only are modem protocols revealed, but 
so are passwords! The signals can also be piped to a micro real 
time thru its modem - played back. to a micro) with a terminal, 
program, to reveal all the data. Or the taped message can be 
played back during a phone call to the computer to gain access to it. 
































to the TV. 
preferred. Rotate the antenna until the snow on the 
comes brightest. This is the direction that the VDT signal is com- 
ing from. An imoge connot yet be resolved because the much lower} 
vertical and horizontal frequency sync. elements that dictate pic- 
ture placement do not radiate as well. Using an AM/MW receiver,' 
one tunes in 1570-1600 KHz, until the loudest buzz is heard. Now,| 
the sync. elements have been received - the buzzing sound is an, 
harmonic of the VDT's sync. elements. 





The output from the antenna tuner ee stage and from the 
preamplifier stage of the radio are combined in a “black box" that 
consists of filters and level adjusters. By fiddling with the filtra- 
tion and levels of both signals, an optimum signal can be receive 
in which the TV will clearly display what is being displayed on the 
VDT perhaps hundreds of _ away! For ease of tuning, an oscil- 
loscope is required. This data can then be recorded by a VCR. 


EMI radiations aren't the only source of data leakage. Printers and) 
typewriters can be just as effective. Although you may not notice 
any differences, there are imperceptibly different sounds that re-| 
sult from each char. on a printer or typewriter. These sounds can| 
be secretly recorded = usually a mike(s) is hidden inside or near the, 
printer or typewriter. They then can be later digitized to a micro, 
or displayed on an harmonic analyzer to determine each key or ele- 
ment activated. The text of what was printed or typed can then be 
faithfully recorded. . 












Text can also be revealed by analyzing used carbon ribbons, platens, 
carbon paper, and back-up paper. 


This is not just theory! W. Van Eck, a Netherlands Government) 

researcher, proved it to many witnesses by compromising 
the Scotland Yard: computers in their new complex, from a nearby 
building. He also specially equipped a van and toured the financial 
section of. London, tuning in on VDT displays all along his route!) 
Van Eck estimated that all parts to his system are available from 
stores like Radio Shack - for as little as $35 total (excluding the TV). 
We have Wim van Eck's original 20-page report replete with shock-| 
ing details, page! and figures on his experiment. We can rent you 
this report for $20 per month, $20 min. We require a $50 deposit, | 
which we will return to you upon return of the report to us. We} 
prefer cash. | 


CROSSTALK AMPLIFIERS 






























Have you ever been annoyed by digital data crosstalk when 
build a 


¢ ‘ou 
were on.a.voice line? You 


n audio amplifier with a tunable 
narrow bandpass high-Q filter. You enbnech oor amplifier input 
to your phone, and the a to a modem and a recorder. The 
modem output is connected to a micro with a terminal program. 
When you find a line with digital crosstalk - even if it's very faint - 
you tune your module in until the S/N is maximum. You ‘can tune 
automatically with the electronics or manually. A manual filter 
should include gross center frequencies of 75, 110, 300, 600, 700, 
spely on 2400 Hz. You then record the data for later playback and. 
S. 


One way to find digital crosstalk is to repeatedly and randomly dial| 
numbers in an exchange that has many orgonizations of interest. 
These lines are usually plagued with crosstalk, particularly during 
























-Another hot eavesdropping method is to use a crosstalk amplifier. | 


- we 


COMPUTER PHREAKING II 5 


their busiest hours. With a little luck, you can get a crosstalked| 
line that also results in a repeated operator message, is a dead line, 
or is an unanswered line. If you get an answered line, you can use| 
some stalling tactic on the receptionist (ex: tell her that you've al- 
ready been helped or ask for someone fluent in Swahili). You then) 
secure the data between the operator messages, rings or conversa=} 

on. 





After you determine the commo protocols, your micro can then 
analyze the data for you, display it, provide you a printer output, 
and record it on a disk. 


Analyzing the data may reveal who the caller and called parties 
are, passwords, type of data involved and encryption (if any). In 
most cases, crosstalk results from a voice and data line in close! 
proximity to each other over a distance of 50 feet or more. That al- 
most always means that the two lines come from the same office or, 
building. The ID of the caited party then ee you an excellent, 
idea as to whom the eavesdropped data is going to or from. If you! 
hear Touch-Tone tones on the data line, you can use a tone decoder 
to decode them to determine the called number. 





Once you've cracked the system, you can either access it thru it's) 
regular phone number (if known), or you can even use the crosstalk 
to your advantage if it is loud and relicble enough, since crosstalk! 
is usually a mutual phenomenon. Wait for a quiet period on the host; 
computer, then send them your stuff. With a little luck, enough| 
crosstalk will get thru to the host computer to allow you to break: 
into it. This scheme can also be used to defeat call back security. 
The big advantages with crosstalk amplifiers are that they are safe 
from discovery, produce long-term results, and are wsislly repeat-| 
able. It's almost impossible to trace the leak or the eavesdropper, 
and you don't have to fool with security schemes to get on board. 
The disadvantage is that you are, at least initially, relegated to a 
passive roll. Once you gain the passwords, you can go direct. i 


COMPUTER PHREAKING CASES, 


(1) In Baton Rouge, LA, the Fidelity Bank was | by grifters) 
who used computers to obtain target credit histories. They also ap-; 
plied for new cards in the targets's names but sent to a private, 
mail postal pick-up service address. The only thing that was! 
changed in their applications were the addresses. The cards were) 
put to immediate use. The perpetrators eg into credit bureau) 
data banks and electronically rifled the files on 10 targets with; 
sterling credit histories. Two of the three perpetrators were caught. 


(2) In 1979, Stanley M. Rifkin pleaded guilty for wire fraud for! 
using a computer to steal $10.2 Million from a bank. Rifkin served 
only three of the eight years of his sentence, and now works as a 
computer expert for the Amer. Assoc. for the Advancement of Sci-| 
ence. | 


H 


(3) Two Los Angeles programmers were accused of having set-up, 
ede bombs designed to delete the computerized inventory and Poy) 
roll records of over 400 Kentucky Fried Chickens and Sizzler Fam- 
ily Steak Houses in 15 states. The motive was revenge. 


(4) A Fairfax, VA, eletronics technician used his home computer 
to obtain private credit card information on about 80 targets, and 
then charged about $50,000 of merchandise on their accounts by 
phoning in orders. The merchandise was delivered to a freight de- 
t. By impersonating a Credit Bureau employee over the phone, 
acquired the secret access number to the Credit Bureau comput-| 
er from a J.C. Penney employee. The suspect was convicted two 
years earlier on computer fraud. He was sentenced to 2.5 years. 


5). A- small business. fell victim toa sagie bomb that put it out of 
usiness. The logic bomb was installed by ao disgruntled-employee: | 
It activated six months after he left, and destroyed all of the com-' 
pany's accounts receivables. 


(6) A New Jersey bank's computer operations manager used IBM's 
SUPERZAP program to zap transaction programs to transfer 
$128,000 into the accounts of three friends. He was detected only, 
because a customer noticed a small shortage in his account. No 
other evidence of the fraud existed in the records. 


(7) The Farmers Bank & Trust in Henderson, KY lost $15,000 when 
a Diebold ATM in a supermarket peaking lot "went berserk" and 
coughed-up that amount. The user promptly disappeared. The sys- 
tem was somehow interrupted during a transaction. Thru bank rec- 
ords and subsequent interviews, the transaction was narrowed down 
to a handful of users, and finally to one suspect, who refused to 
talk. Diebold technicians thoroughly examined the ATM but could 
not find any hardware or software defects or signs of tampering. 
For much, much more information .on ATM_ vulnerabilities and 
frauds, see our AUTOMATIC TELLER MACHINES ($15). 





“Blosses were’ so great t' 


COMPUTER PHREAKING IL 6 


(8) A Philadelphia .m 1as.recently incorrectly credited by an 
Oi with $60,000, corr yr coe "After Withdrawlrg all of it ex- 
cept $37, the police finally cought up with him. 


(9) A man, claiming to have prayed in front of an ATM, discovered 
that the ATM elevated his account balance at County Bank of 
Santa Cruz from $1.17 to $4,443,641.51! He was arrested after 
withdrawing $2,080 of that amount. According to the police, the 
bank's congenes printout pointed to fraud rather than to Divine In- 
tervent! 


(10) In the infamous Equi Fund 
officers used a on sy eh 


Life Insurance Co. fraud, com- 
pay ricate $1 Billion worth of bogus 
ife-insurance accounts (64,000 ficticious customers)! They sold 
the shares of their phony company to investors. The total fraud 
eventually exceeded $2 Billion - still classified to date as the 
larges* $s computer crime ever, with the possible exception of $ 
Billions GSA <raud. ; 


qu) In 1985 and 1986, the TV evangelist, Jerry Falwell, received) 
,000 harassing phone calls per month on his toll-free line. His 
hatit-put his-ministry in a “financial crisis," 
and he laid off about 225 of his ministry personnel. The poset er-| 
petrator, Edward Johnson, angered at his mother's $ Thousands in! 
donations, used a computer-operated demon dialer to dial Falwell's 
toll-free number incessantly, day and night, until threatened with a| 
service cut-off by Southern : 


(12) Alvin Frost, in 1986, working for the District of Columbia as| 
a monagement analyst, was upset that an angry letter he wrote to) 
Mayor Marion Barry was copied from the system. So upset, that he) 
changed the password and refused to divulge the new password to) 
anyone - locking up the entire DC computer system for weeks. | 


(13) The Oct. 1, 1984 issue of the Wall Street Journal, has an art-) 
icle that lists case after case of bank failures due to bank frauds, | 
clearly establishing that no one - not even bank regulators - have) 
any significant ability to detect or stop bank frauds, many of which 
are computer crimes. Nor do they seem to really care. 





(14) In Feb. 1986, the Secret Service arrested three San Bernar- 
dino teenagers for "hacking." The students had, from a home com-, 
uter, penetrated TRW Inc. --one of the world's largest credit card 
irms. They obtained credit cord numbers and made about $10,000 
in purchases with them. They were only discovered due to credit 
card company complaints. 


| 
(15) In 1986, seven teenage computer hackers from South Plain-; 


ield, NJ, were arrested for using their computers to call around. 
er world - including the Pentagon, a credit firm and a medical w 
rary. 


(16) A Feb. 27, 1986 article stated that, “data stored in Govern-| 
ment computers is vulnerable to theft, sabotage or employee abuse" 
and that there is a, "widespread lack of compliance with minimum 
standards for insuring the security of information systems." } 


(17) According to the American Bar Association, 27% of all busi- 
ness and public agencies are known to be the victim of a computer! 
crime over the last year. According to Stephen Leibholz, a comput-| 


er aeotty expert for the ABA, “If you want to steal money and get, 
away with it, use a computer and steal a lot." Examples cited 
were: | 


(A)|Four men were indicted in pie ote on charges of jpenetsot:) 
ing the electronic mail accounts of NASA, the UAW, Raytheon, 
and other companies. 

(B) ‘Milwaukee youths (414), led by Gerald Wondra and Neal Pat-; 
rick infiltrated the files of a nuclear-weapons research lab (Los Al- 
amos National Lob.), Sloan-Kettering Cancer Center (NY, NY), Se- 
curity National Bank (LA, CA)- and more than 50 other organizo- 
ions! Sentence: Two years probation. vr DR : 


(18) James Vinick of Longmeadow, MA got more than he asked f 
when he ordered an AT&T credit card. So far, 276 AT&T credi 
ae fh arrived at his home. AT&T stated that he can expect 
east A ° 


(19) Mike Ocejo was surprised when he received his phone credit; 
card bill. It was 1,007 pages long and for $211,165. Apparently, 
someone got his credit card number from an AT&T computer. 


{20} An insurance firm was experiencing a series of “head-crashes" 
a hard drive head that floats above the recording medium about 
one-hundredth of an inch, drops down onto the surface, gouges it, 
and totally destroys data access of it). The computer then pon 
to shut down five or more times a day, and users were wane locked, 
out. A steady stream of technical experts could not find the prob-| 
lem. By using a hidden camera, the firm caught its operations super- 
visor in the act. The man was disgruntled. ' 


















(21) Two computer operators, afraid that a new computer would 
end their overtime earnings, switched a pair of similar circuit, 
boards and the ID labels on the boards. Diagnostic software would 
\ then not run, and the problem was left undiagnosed until the comput 

‘er was replaced. : x a 


(22) A computer service technician, mad at being bypassed over fo 
@ promotion, popped a ROM from a computer and exchanged it for 
a nearly identical one of his own creation. He then changed the 
ROM diagnostics i. i to OK the new checksum. The new ROM 
contains a sapic omb. It causes havoc in the system whenever a 
certain function is performed after he keys in a certain sequence. 
Only he knows how to "fix" it. The technician has since been pro- 
moted two grades for his "invaluable troubleshooting capabilities,") 
and has been given bonuses ond all the overtime he can use. 


(23) A clerk manipulated input information at a Dept. of Trans. 
computer to steal more than $800,000. 


(24) Social Security lost more ‘Thaf $500,000 in disability benefits 
due to ene comouter scam alone. Because of Social Security's slop-| 
py accounting system, it was unable to prove that the $500,000 was) 
even missing! One estimate was $10.7 Million stolen. 


(25) A Federal Reserve. Board (FRB) economist tapped into Its se-| 
cret files affecting future decisions on credit policy, money supply 
and interest rates. He then quit the FRB and hired on as a money 


ore for a private firm of speculators, divulging that info. to 
them. 5 , 





(26) IRS employees used a computer to obtain $16 Million in fraud- 
ulent tax refunds for themselves. 


(27) At the Dalton School (New York City), four 13 year-old stu- 
dents ("Dalton Gong" used a classroom computer to access the files 
of 22 firms in the U.S. and Canada. Chagges were later dismissed 
by a U.S. Attorney. 


(28) In Chicago, two high school boys used a micro to penetrate: 
DePaul Univ... Their micro generated thousands of account numbers: 
automatically until it found one that worked. After gaining access 
to the host computer, they rampaged thru the system - changing 
master codes, etc. 


(29) 14-year old Phineas Phreak of Montgomery County, MD, pene- 
trated a var man's BBS and stole files from it, and erased files.) 
He then called the BBS's answering machine and demanded future! 
access to all files in the BBS. The police were called, Phineas was, 
arrested and convicted. 


(30) In 1984, Newsweek reporter Richard Sanzda was harassed by 
irate phreaks after his semi-revealing Nov. 12 article (see Dec. 10) 
follow-up) on computer phrecking. Because Sanzda had "deceived" 
phreakers, he was convicted by “tele-trial." Harassment included 
obscene phone calls (which he could not avoid even by getting unlist- 
ed numbers), phreak changes in his credit records, and unordered 
merchandise. 


(31) According to a June, 1986 report from the OTA (U.S. Congress): 
(A) 25% of all surveyed Government agencies (13 Cabinet-level| 
departments and 20 independent agencies) did not screen employees; 
who access computers. 
) 40% of these agencies had not conducted security risk anal-' 

ysis studies of their computer systems in the last five years, as re- 
quired by OMB. { 
(C) 75% don't have explicit microcomputer security policies.- | 

(D) 60% don't have contingency plans to protect data if their) 
mainframe computers are disrupted. 


DISCLAIMER: COMPUTER PHREAKING II is sold as is ond for ed- 
ucational purposes only. While every attempt has been made to 
provide correct and complete information, we do not assume re- 
sponsibility for any errors- or omissions. -We assume no liability 
whatsoever for loss or damage caused directly or indirectly, or al- 
leged to be caused by the information found herein. We do NOT 
recommend, suggest or encourage ony illegal use of computers. 


CUSTOMER SERVICE: We provide, as time permits, FREE advice 
on computer security problems. Please clearly, concisely and com- 
pletely describe what your problem(s) is, and please enclose a #10 
or larger SASE. If we can help you, we will definitely respond to 
your inquiry. 
NEW EDITIONS: We gladly accept advice and information to im- 
ba future editions of COMPUTER PHREAKING, AUTOMATIC 
LLER MACHINES, PHONE COLOR BOXES, CRYPTANALYSIS 
TECHNIQUES, and on any other survival topic. All correspondences 
are held strictly confidential. Please send them to us. We are inter- 
ested only in factual information (the more detailed, the better) 
and not your ID. If you wish, you may be anonymous.\ 
. 2011 CRESCENT DR., P. O. DRAWER 537 
Consumertronics Co.{ ALAMOGORDO, NM 88310 ‘ 








THE CASE.OF 8BBS' 


8BBS is the name of a popular BBS which used to function from a 
private residence in Santa Clara, CA. It ran on a PDP 8 minicom- 
puter, and quickly gained the interest of mony computerists on a) 
national basis. 


8BBS was raided by the FBI, local law enforcers, and Ma Bell secur- 
ity, summer of 1981. They were accused of: 

i Shutting down Pacific Te 's Traffic Position Office. 

3 


Obtaining information from the California DMV. 
Penetrating the security protection of DEC corporation's 
ARK computer and pirating software. 

(4) Penetrating KRPANET, a national computer network run by 
the t. of Defense, including a Pentagon computer. 

(5) Penetrating NCIC, a national computer network which con- 
pig criminal intelligence information for law enforcement agen- 
cies. 

6 

H Penetrating an airlines reservation computer to steal tickets. 

8) Penetrating the computer owned by U.S. Leosing Corp. in 
San Francisco, and destroying obout $250,000 worth of data files. 


When they were raided, the FBI broke down their door and seized) 
their entire system, software and documentation - about $8,000 
worth. Even though the group stated that it did not know the 
modem was stolen, it was the alleged stolen 1200 baud modem that-| 
was used as the pretext by the FBI to dismantle 8BBS. 





ene stn stolen property (a modem). 


It was reported that the 8BBS group acted like a "guerilla army" by 
holding clandestine meetings, and cleverly infiltrating Pacific Tele. 

's Cosmos Maintenance Center (May 1981) to obtain intel- 
igence to penetrate Ma Bell's computer system. In this raid, they 
acquired passwords, documentation, and electronic combinations 
needed for opening doors at other Ma Bell installations. Th even| 
rammed the manager's auto-dicler so that it would dial num- 


repr: 
: y could intercept. The 8BBS group was also linked to a simi-| 


bers t 





lar group in Philadelphia, some of whose members were associated) 
with TAP - including the legendary Wizard. 


| 
The U.S. Leasing Corp. penetration perhaps typifies phone phreak-| 
ing a computer. According to the court records, to normally access) 
the PDP 11/70 computer, the user gave it two small numbers (each) 
less than 254, separated by a ",") followed by a password, provided) 
only to users with an account with the firm. Those users with “priv-| 
ileged access" on the system had an account with a project number) 
of 1. Users with privileged access were, among other privileges, al-| 
lowed to look up the password of any other account, using an intern-' 
al program called "Money." The 8BBS group was able to add a non-; 
privileged account to the system. This account contained a pro- 
gram called "God.BAS." God.BAS was a trojan horse, whose pur-| 
se was to convert a non-privileged account to one with privi- 
eged access. This converted account then was used to access the 
Money program for a listing of system accounts, passwords, and 
programs. God.BAS was then used again convert to another, unrelat-} 
ed, non-privileged account to privileged access status. It then used, 
this account to raid the other non-privileged accounts. 


THE CASE OF |ARAPANET, 


In 1982, two LA teenagers, Ron Austin and Kevin Poulsen, ulled 
one the most shocking computer stunts ever - they penetrated 
ARAPNET, NASA, the Pent an airline and others - using a 
TRS-80 Model I and a VIC-20! ARAPNET is the Government's sci- 
entific and military computer network with over 5,000 customers 
that links virtually every Government wary contractor and educa-, 
tional institution involved in scientific or military research. | 
Penetration began with password guessing. On their fourth try, the’ 
enterred "UCB" (Univ. of Calif. at Berkeley), and got in! This old, 
seldomly used password still worked. 


ARAPNET's attributes are extensively published because it be- 
came the standard for all data networks. Ron and Kevin purchased 
a Unix manual from the UCLA bookstore. Unix is a multi-user, 
multi-tasking OS devised by Bell Labs for AT&T. Unix is con- 
trolled by a small kernal that contains the system primitives. In- 
structions are enclosed in a series of shells. Complex procedures 
can be executed with aan a few text lines, by defining a few pipes 
to link the shells. has a large library of routines found inside 
the shells. File directories are arranged tree-like, with a master 
(root) directory leading to other directories. 


Since UCB was just an ordinary user, Ron and Kevin manipulated 
the OS to become “supet-users" to gef extra 
access the system. With their expert knowledge about Unix, they 
found files with legitimate user passwords and names. Each pass- 
word is associated with its Unix shell, and thus defined the privi- 
lege level. A routine was devised to steal the privilege shell of a 
known, super-user when he signed on, and then to transfer it to a 
shell associated with an existing, but little-used ID, "Jim Miller." 
Ron and Kevin became "Jim Miller"; the original super-user lost his 
network status. 


eee to further! 


| 


| 









COMPUTER PHREAKING IIT 7 


With their super-user status, Ron and Kevin roamed freely thru all 

7 echo : a is exploring se 2 Bey neces yma military pres 
y rate Corp., Stan titut 

al Research Lab., NORAD, etc. pits a Ree 


Because ARAPANET keeps detailed logs, officials at UCLA begar 
to notice the upsurge in use by UCB (before they became hae 
users). The KGB was suspected. Investigation revealed that the 
user ID, "Jim Miller," was associated with UCB, and it, too, was 
investigated. Traps set for "Jim Miller," were cleverly evaded. 
The phone lines could not be traced back to their origins because 
Ron and Kevin used a clever technique. They would enter 
ARAPANET thru a gateway. Since the call to the gateway comput- 
ers were all local calls, and (at that time) local phone numbers 
were not routinely traced to their origin, the investigators could 
only trace back as far as the gateway, where the trail vanished. 


Since the concentration of local computers used were in the Ston- 
ford, CA area, the phreaks were maapacted of operating from Stan- 
ford. Meanwhile, CLA-investigators- discovered that, in-one of 
their earliest sessions using UCB, Ron revealed his real address in 
a_ registration questionnaire. Ron and Kevin were raided by the! 
FBI, Ron was convicted on 12 felony counts and imprisoned for a 
tan mente, and released to do 600 hours of community service 
work, 


This case teaches the following lessons: 

(1) Even the largest, most complex and exotic computer systems 
can penetrated. In fact, cant size, traffic volume and number 
of users tend to conceal phreaking while compromising the system’ 
characteristics that assure security. 

2) You don't need an carne, state-of-the-art computer to) 
er ee phreak. 

(3) Computer phreaks use systematic approaches to crack com- 
plex systems. 


THE CASE OF THE GODFATHER 


This is the story of a graduate student programmer (unknown name) 
who planted a godfather in a universit congue system. His mo-, 
tive seems to have been mischief. His godfather granted him the 


highest privilege level, permitted him to access confidential univer- 


sity personnel data files, financial data, and to receive top priority 
in his use of the system. Me 
The university asked him to write a machine anaes utility pro- 
gram to manipulate magnetic tape data. He embedded code nto 
this utility so that every time it was run it would automatically; 
check the privilege level at which it was being run. If the privilege 


level was less than the highest level, the utility simply went on its 
normal way. 





If executed at the highest privilege level, the tape utility would 
first copy a program from the progronwnss s files into the system's 
pean storage area. Control of the computer would then pass 
rom the tape utility to the new program. The new program would 
then execute, and in doing so, zap certain OS bytes. It would then 
remove all evidence of the attack by erasing the trojan horse code 
in the tape utility program both in storage and in its master copy 
in the program library. It would then erase itself from primary stor- 
age, and return control to the tape utility to resume manipulation 
of tape data. | 


About six months later, the tape utility was operated at the highest’ 
privilege level, injecting the godfather into the OS, where it oper- 
ated undiscovered for six months. A system failure triggered an ex- 
amination of the OS code by a system programmer. Purely by ac- 
cident, he stumbled onto the godfather code. After investigating, 
-a--full confession was found_in the graduate student's file storage 
area, which the student had intended for release after his gradua- 
tion. 

This incident demonstrates: 

{3 A typical application of a godfather. 

2) The clever strategy used to implant the godfather, and then 
to destroy all evidence of the attack except for the few required 
byte changes in the OS. 

(3) That machine-language programs can be designed to perform 
complicated manipulations of themselves and other programs. In 
fact, they can be designed to totally metamorphose when certain’ 
parts are executing - then to return to their usual form when they; 
are not executing. ; 

4) The typical means of discovery - LUCK! 

A common character flaw of some computer phreaks - they! 
can't wait to tell the world how smart they are. : 


IBM-PC SOFTWARE WANTED: We are preparing a publication to 
evaluate the top 100 IBM-PC software packages. We are interest- 
ed in IBM-PC software of all kinds and types. We will buy, trade or/ 
lease. Please describe what you have. 






































THE CASE OF JERRY SNEIDER 


Jerry Schneider is regarded as one of the most succéssful system) 
netrators in the "whiz kid, solo artist" class. His Met art were 
estern Electric (WE), and Pacific Telephone and Telegraph (PTT). | 


Schneider set up a business of selling used ond repaired phone equip- 
ment, much of which he obtained from PTT's trash cans. also} 
found many PTT documents, some relating to their computer sys- 
tem and purchasing procedures, and established his own oper- 
ations library. ; 


Schneider put a plan into effect to penetrate PTT's co 
order equipment from WE equipment sites posing as a PTT e 
ee. The equipment was to be delivered at certain locations in 
early morning hours, where he would go and pick it up. 


Posing as an author, Schneider told WE and PTT. officials that he) 
was writing a magazine story on their IBM 360 computerized sa 
ment ordering system. They bent over backwards to provide him 
tours, special presentations and documentation. It to Schneider 
seven years to learn enough to penetrate the PTT-WE system. By 
then, he knew more than anybody in either company about their 
SS eee aoe 


uter, and 


Schneider moved his business into a 6,000 square-foot warehouse. | 
He acquired a Ford van at a PTT auction, still with PTT's emblems. | 
He needed keys to get into WE equipment delivery areas. He pur- 
chased a key to a key box from a former PTT employee. He was 
then able to obtain and copy keys to all equipment areas, including 
master keys. Finally, he purchased a touch-tone card-dicler of the’ 
type used by PTT to submit their orders. Using an equipment site 
cherie number which he found written on one of the guides he was! 
given, he then called, and posing as a supply employee, obtained 
the computer access, site ID and site account numbers as required| 
by the card-dialer for phoning-in orders. 


After several months of trial and error effort, Schneider perfected 
his fraud in late June, 1971. Every day for seven months, Schneider, 
used his card-dicler to place orders in the $10 Thousands with the 
computer, and picked them up the following day, very early in the 
mocning, either from an equipment site or wherever else he speci- 

ed. . | 


Schneider's business rapidly grew to 10 employees. One of his requ 
lar customers was PTT, who purchased equipment from him which) 
they could not or did not know how to get through their own system! | 





1 
Schneider became so worn out thot he finally confided in one of his) 
employees. He and the employee soon were involved in a salary dis-, 
The disgruntled employee turned him in to PTT security. Ai 
ap was laid, the evidence gathered, and Jerry Schneider was ar- 
rested, tried and convicted Gfter plea bargaining to guilty of the| 
grand theft of $5,000). He was sentenced to two months in a mini- 
mum security institution in Malibu, and fined $500. He was re-| 
leased after 40 days. 


Schneider later established a lucrative career as a security analyst | 
chosen career of many caught and pampered computer phreaks. | 


The full extent of Schneider's fraud has never been determined (or 
published). Estimates range from $125,000 to $2+ Million! Al- 
though Schneider was guilty of many felony counts of theft, his sen- 
tence was light - not untypical of the sentencing anyone can expect, 
for getting caught computer phreaking. This case demonstrates) 
how PTT and We, like many large firms, were very lax in their’ 
security. It also demonstrates that, if Schneider had not made the: 
foolish mistake of confiding in someone else, he probably would 
have gotten away with it years longer. ; 


Although this is one of the first major computer phreaking cases 
_miony_of the things that Schneider did to penetrate-PTT and WE. 
still work today on the many firms and government agencies that. 
still do not practice vigilant, modern computer security methods., 
It also demonstrates some of the most important attributes of a 
computer phreak: 


(1) He understands HOW TO PENETRATE computer systems. The 
actual understanding of computer systems in general or specific sys-| 
tems or computer programming is in no way critical to some forms, 
of Capes phreaking (although it helps). Schneider penetrated) 
the PTT computer with a card-dialer phone and NOT with another. 
computer. He came in the front door! Although he was apparently, 
very sharp with telephone equipment, it is not believed that he was; 
an expert with either computer hardware or software.. | 


(2) He has the ability of an secre to clearly understand what in- 
ormation and ye ttortl he requires to succeed with the plan, urid 
' from where and from whom to obtain those items. 


(3) He is a natural-born, fast-talking con-artist. 


ra: i 





} thruput, major hardware security methods are not usually a 


,etiminglity, and carelessness. 





COMPUTER PHREAKING II 
COUNTERMEASURES 


To fight computer crime is costly in time and money. Organiza- 
tions usually adopt either no strategy at all or the short-sighted 
strategy based u the cost effectiveness of fighting the crime. | 
In other words, they usually won't bother a nickel-and-dime rip-off, | 
or a much lorger but intermittent one with no set pattern. Just as/ 
the infrequent and random malfunction of a TV - even if fairly ser- 
lous - robably won't overcome your inertia to have it fixed, moder- 
ately large but infrequent and random computer rip-offs may not 
overcome the inertia of a starting a major investigation or tighten- 
ing of security - particulary in organizations. eaiperg the policy 
of writing-off some criminal or unexplained losses as inevitable is, 
in. the short term, cost effectiye, in the,lohg term it encourages, 

Money-motivated criminals are; ¢si-; 
ven by only one thing - GREED! ; | 


| 


Organizations which are unconcerned about investigating criminal 
activity are usually also slipshod in preventing it. Easily guessed at, 
or obtained passwords and keys, poor auditing, and slack computer/i” 
and software security invite fraud. 

| 
Most vulnerable to computer fraud are small businesses. because 
they lack the resources to prevent it, and are devastated by such los-, 
ses. From the magnitude of fraud in government ogencies and con- 
tractors, it is obvious that few personnel really give a damn be- 
cause taxpayers foot all losses regardless. 


Financial organizations routinely have FDIC, FSLIC or NCUSIF 
cover such losses, and they lenge y take an indifferent or hostile at-| 
titude towards customer complaints - in gros#*violation of Regula-. 
tion E. Bank failures have much accelerated in recent years -| 
largely because of computer embezzlements disguised in the form, 
of “bad loans." When a bank fails, depositors are handed FDIC 
checks to cover their losses up-to $100,000, the bank is "taken over" 
by a another bonk or "liquidated," all the dirt is swept under the 
rug, and usually little is done to prosecute the wrongdoers or to pre- 
vent future reoccurrences. More often than not, the crook moves 
on to another financial organization. 


Large corporations routinely write-off computer fraud losses from 
their taxes, and many simply pass them on as price increases. In 
summary, those who con't afford srg security are most. damned 
by crime, while those who can afford it usually don't give a damn. 


Many organizations use transaction-oriented processing and are 
unable to postpone transaction processing long enough to provide 
anything but a cursory check. The perpetrator disappears before 
the fraud is discovered. 


The objective then should be to obtain the maximum security from! 
the least effort and erpneee. Obviously, if every transaction is re- 
viewed, the cost will be prohibitive. Therefore, preventive mea- 
sures, and sampling and partial techniques are developed to max- 
imize results for minimal cost. | 


Computer phreaking has become more dangerous in recent years, 

nee eweah against large systems. Many consultants now make a 
ucrative business of consulting on computer security. The first 
task of the consultant is to divide responsibility among everyone 
who has access to a computer. Information and programs are dis-, 
pensed on a need-to-know basis only. Tasks are not shared - em-| 
ployees do their specific job and their job only. Password and ac- 
cess code security is increased, and their generations are done on 
more random and encrypted bases to stymie guessing: Privilege 
levels are rigidly enforced so that those who can modify or erase 
pr rams are limited to a very few. In some systems, access is lim-| 
ted only to a small part of the OS. All accesses are logged onto) 
the system, and surveillance programs are used to audit not only) 
data entry and changes to establish audit trails, but also, in real 
~— the time and reasons of use as identified by user ID, terminal 
and port. 


Also, several programs may be in force for the sole purpose of 
threat monitoring. They continuously test and sample the system 
to see if anyone is repeatedly trying to log on without apparent suc-) 
cess; if a terminal or port is being overly used, or used during un-, 
usual hours or lengths; if unauthorized IDs are trying to log on; or if 
IDs are logging on unusual terminals or ports, during unusual times 
or lengths, or with unusual frequencies. These programs usvally, 
have a silent alarm that keeps the apparent phreak occupied on the, 
line or terminal until security personnel can investigate. 


Increasingly, in new systems, security is also being built into the 
hardware. TEMPEST standards are being applied. Usually, be- 
cause of the high expense of a retrofit and the slowii _— 4 
pecial 


unless the computer has been knowiingly phreaked before. 








cipher ROMs and modules are bei 
to encrypt data. 





ng installed, even in small systems, | 


Listed below are some additional specific counterrneasures: 


ACCOUNTING SECURITY 


(1) Use audit trails. An audit trail is a chronological record of sys- 
tem activities or of account transactions so that a complete recon- 
struction, review and examination of all the sequences of environ- 
ments and activities surrounding or leading to each event from its| 
inception to its final result are available. ’ 


















































(2) Carry totals of debits and credits for authorized filancial trans 
actions for all manual and automated processing steps in the system. 
This permits detection of added, deleted or changed transactions 
one step past their pone of origin, and the amount of the fraud. 
Verify the current-day closing balances add input dollar amounts’ 
against the previous day balances ond totals. 









(3) Divide-up the transactions into smaller batches in ccses where} 
the quantity of transactions is very large, and where postponements | 
for adequate checks are not practical. The total debits and credits 
of each batch is computed. This narrows down the number of-sus=; 
pects, and permits selective review of various departments. 


| 
(4) Maintain hash totals of all * data and programs. The pinpoint-' 
ing of added, deleted or changed transactions becomes simpler. If 
a perpetrator changes an account number without authorization, 
the hash total of the account numbers disbursed will then be differ- 
ent than the hash total of account numbers authorized, thus flagg- 
ing the fraud. The key data is NOT limited to numerical data. or| 
example, names can be converted to numbers by euremiog the num- 
erical equivalent of each letter in the name. us, hash totals can| 
be derived from any or all key data. By maintaining hash codes of| 
critical computer Prostate, unauthorized mod. of programs can be! 
easily discovered. NOTE: Hash totals can be manipulated to ap- 
pear OK by modifying the software which computes them. 








(5) Maintain subtotals by subledgers based upon departments, ac-! 
count types, product or service types, etc. - another excellent 
method to reduce the amount of required manual backchecking. 
NOTE: Subtotals can also be manipulated to appear OK by modify-| 
ing the software which computes them. | 


(6) Maintain authorization control. If automatic payments are is- 
sued by the system, then the fraud of entering ficticious beneficiar-| 
ies is in little danger of discovery. If additional mechanisms to in- 
itiate payment are required, the perpetrator may combine several 
ploys to obtain payment, thus complicating his life and increasing 
the risk of discovery. Supervisors must maintain file maintenance 
authorization control. It should not be possible to initiate transac- 
tions without acceptable source documentation and authorization. 
It also means that the totals of all maintenance transactions must 
be in balance thruout all processing steps. 


(7) Require authorizations for all adjustment transactions, and re-| 
quire tangible evidence. Adjustment transactions should be hand- 
led separately from all other processes used for accounting for 
equipment, inventory and supplies. Adjustment aes ration, author-) 
ization, and output reconciliation should be handled by different per- 
sonnel. Use control totals (similar to ordinary transactions) for all 
steps in the processing, from the initial authorization to the final) 
reconciliation of the output. ALL monetary error-correcting mech-| 
anisms should be handled by the adjustment procedures, and perm-| 
anently recorded. Maintain separate error correcting totals from) 
all other maintenance transaction totals. 





(8) Carefully monitor account activity affected by a maintenance) 
transaction. If charges pile up and payments are small, the! 
changed account may be a bogus one. 


(9) Monitor key data for reasonableness. -One fraud ploy is to! 
change the closing or billing date of an account to a non-existent | 
pat such as Feb. 30. Another Ploy is to continually change the) 
date to reasonable dates so that the date is never reached. Set-up} 
software routines to verify the reasonableness of all data keys. 
Also, billing should be made to occur automatically prior to the, 
acceptance of a new billing date. Manually validate key data, 
changes, if only on a random sampled basis, by verifying data with! 
ete sigge targets. Pay particular attention to accounts using P.O.| 

xes, and monitor those using street addresses for fictional ad-, 
dresses. Compare account addresses with employee addresses. 
Sort accounts by names and by addresses to spot unreasonable en-| 
tries, duplications and other suspicious looking groupings. 


} 























(10) Avoid using universal file maintenance transactions (see 
MODUS OPERANDI, under doctored transactions). Instead, design’ 
your system so that one transaction code is used for each type of 
change so that only one change results per transaction. If massive; 
changes are permitted, 100% manual verification is required to de-| 
tect bogus or zapped fields. 



















COMPUTER PHREAKING II 9g 


(11) Use sound auditing techniques. For example, the periodic ap-| 
piece of the simulation technique can detect breakage and other! 
rauds. Simulation involves recomputing amounts to be applied to! 
each account and then comparing them to the amounts actually 
applied. The account used as the accumulator by the breakage per- 
format will show a large discrepancy. Spot audits can detect the| 
ess sophisticated computer frauds. jowever, some computer | 
frouds are so sophisticated that a full blown audit is required for| 
> aaa - even so, pinpointing the fraud may be almost impossi- 
e! 


(12) Double-team. Transactions cannot be initiated unless author- 
ized by more than one trusted employee and-or officer. And ran- 
domly assign programmers to check each other's program mods. 

































(13) Eliminate inactive. and dormant accounts, or make them  , 
ative. In the case of financial organizations, identify them on an| 
exception basis and flag them for special review when activity. oc- 
curs - particularly i age i activ a é Potential target confirma- 
tion should be sought for all new activity. | 


! 















SYSTEM SECURITY! 


(1) Strictly apply passwords based upon duties and responsibilities.| 
Don't use simple, easily guessed passwords and-or keys. Encrypt 
them and change them oy yar Don't permit them to be de 
played, — out, stored in files, written down, transmitted, or 
openly discussed. immediately change any password or key that is 
suspected to be compromised. 

{ 


(2) If possible, “= all passwords and critical data using either; 
a_ Public Key or DES cipher, or the ciphers we developed. See, 
ABSOLUTE COMPUTER SECURITY ($25), CRYPT. 









ALYSIS 
TECHNIQUES ($25), and the encryption section herein. If at all 
possible, limit your critical data only to separate, isolated comput-| 
ers with very limited access. 


(3) Have ALL critical software (including the OS), and the hard- 
ware periodically examined by independent experts to ferret out) 
trojan horses (particularly log c bombs), bugs and taps, unauthor-' 
ized modules and circuit mods., modified automatic phone dialers, | 
and excessive EMI and audio emissions. Such a thorough analysis is| 
very expensive and cumbersome but preventive medic 























ine is far: 
cheaper than a huge loss.. } 













(4) Maintain a program library in which access to and mod. of crit-' 
ical programs, data files and the OS require special authorization,| 
scrutiny and complete documentation. All utility programs which; 
are os of ert eres editing, assembling, disassembling or 
modifying load modules should require extra special authorization’ 
and scrutiny to use. 





























After authorized software mods. are made, 
have other programmers examine the entire preger: to verify that 
only the authorized changes were made. In this library, keep a) 
secure copy of all . pcomecstis and data files for each of the last 3-6 
revisions. Allow only copies - not masters - to be signed out. : 













(5) Use a multi-tier system. The most common is a two-tier sys- 
tem in which the account number and PIN must be properly en- 
terred. Gront access to THAT user only to THAT account, and do| 
not permit any means for a user ID to gain access to the 0S, to any 
HELP or GUEST files, or to ony program or routine that will permit 
him to find, enter, change or delete passwords or keys, or to in-| 
crease his privilege level. 









(6) Physically secure computers, terminals, software, passwords, 
keys (software and hardware) and ciphers. Delay access to them 
until clearance is established. Shred and burn all disposed computer 
documentation, printouts, catalogs and everything else of intelli-, 
gence value to phreaks, and verify that no secrets are being lossed* 
thru poor trash disposal procedures. Move terminals and printers 
to confined locations so that passerbys can't glance over a shoulder 
to pick-up information. Maintain strict access controls even to 
members of the newsmedia, unauthorized company officers, and 
employee family members. 


(7) Install as many of the TEMPEST standards that you can to elim- 
inate EMI and audio leaks. See section on TEMPEST. 


























(8) Use security software, as described above, to monitor terminals, 
ports and IDs for unusual activities - particularly repeated attempts 
to guess passwords. Install silent alarms. Don't verify to callers 
who you are, the carrier service you use, the system you use, the! 
eve of hardware or software used by your a or your protocols. | 

ion't publicize that information in your PR materials. And deny 
feedback to users as to which passwords work. Cut-off all users 
after three log-on attempts. 




















' (9) Use call back (dial back), but be careful. Some older phone 
: switches use caller control where the call is only disconnected if 
the caller hangs up. This means .that the modem cannot hang-up on 
the caller, although, as far as the host computer can tell, it goes 
“on hook." When the computer then tries to call the file phone num- 
ber, the modem then reconnects the computer to the phreak's line. 
Some modems use dial tone detection before dialing and ringback 
detection after dialing. However, the phreak can easily simulate) 
these signals (ex: recorder playback). 
Even if called-party control is used, some modems will 


ick up a 
ringing line (and some will pick up even a non-ringing line} 


with an 


incoming call, and try to make an outgoing call on it. If the phreak| 
hangs up and then dials back immediately, the modem may be pre- 
ring for the outgoing verification call and disable its auto-answer- 
ck feature. It will then try to dial the file phone number thru 


the answered line. The phreak then simulates the dial and ring 
tones and then “answers” the phone. In most cases, there is.no soft- 
ware solution to these problems. 

The solution is to use a different line for outgoing calls, random 
time delays between dial-in and dial-out verification, and polling 
the modem to verify originate or answer mode. 


(10) Carefully monitor restart and recover activities, and author- 
ized program mods. for extra input transactions and suspicious be- 
havior... Frequent or unusual. system.crashes and resets should flag | 
security measures, because they can be purposely caused or fake 
to cause: | 

(A) Opportunities for system penetration and trojan horse im- | 


cnt. 
(B) Delayed processing so that a later processing rush and subse- 
quent seovelty relaxation result. | 
C) No verifications of tainted present data. | 
D) The erasure or confusion of past misdeeds. 
E) Paid overtime or early quitting time. | 
Crashes can also be systern-caused due to OS or program bugs, | 
and as the result of a clumsy trojan horse or penetration attempt. | 





(11) Physical controls may include appropriate fencing and gates, 
Preuriek detection déotons: (ex: foil ties, 8 eo Noe «wanes | 
infrared, microwave, ‘ ultrasound, closed-circuit , credential 
checking and verification, mechanical and electronic locks (ex: 
card, badge-reading locks), and physical characteristics IDs (ex: | 
hand geometry, voice, fingerprint, retina pattern). { 


(12) Use a Kernalized Secure OS (KSOS), such as that used with 
Unix. The kernal concept uses a reference monitor which restricts 
access to certain levels of the OS to certain users based upon their! 
privilege. It operates as a gateway in which objectives for each 
entry are monitored and controlled. | 


(13) Besides CONSUMERTRONICS CO., excellent sources of secur- 
ity information are: 
A) ALPHA PUBLICATIONS, P.O. Box 92, Sharon Center, OH, 


274 
* (6) Bae PUBLICATIONS, 135-53 North Blvd., Flushing, 


N 
(C) SHERWOOD COMMUNICATIONS ASSOCIATES, 1310 In- 
dustrial Highway, Southampton, PA 18966 


PERSONNEL SECURITY 


(1) Rotate computer assignments regularly. Have eee checked 
“4 non-programmers. Don't permit programmers system an-, 
alysts to input actual transactions. Keep applications programmers. 
and input clerks out of the system areas (centralized systems, diffi- 
cult for distributed systems). Don't permit’ system analysts to de- 
sign or zap application programs. 


(2) Keep your technical poneanens happy by treating them fairly. 
eward them well for their talents both financially and with recog-| 
nition, and avoid injustices and other irritations - particularly un-| 
paid overtime! Some firms insist upon treating accountants, ry oa 
eers and computer specialists as less than professional, and then, 
wonder why they get ripped-off! oF Mier yee 


(3) Hire security personnel based upon their knowledge, abilities | 
and alertness to modern techniques of plant penetration, computer 
crimes and terrorism. Train and pay them decently! And expect | 
high standards of physical fitness and security proficiency. 


(4) In the usual course of your duties, observe the activities of 
employees, customers, vendors, departments, products, etc. to 
check for unusually high or low activity and unusual behavior and 












|| his situation, and how to cover-u 





events. Observe employee behavior and relationships to minimize 
conflicts of interest and to become alerted to sudden, inexplicable | 
increases in standard of living or behavioral changes. ION: 
People have the right to privacy, and to preserve our precious sys-| 
tem of freedom and justice, employees must not be surveilled by) 
employers or their agents. Although we strongly believe in sound) 
employee screening practices, WE ARE STRONGLY AGAINST THE; 
US! POLYGRAPHS TO TEST PEOPLE FOR HONESTY - poly-| 

raphs are not reliable or valid (we have documented proof), can eas-' 
ily be beaten, and cause anger and resentment in many people. 








COMPUTER PHREAKING II 10 


(5) Segregate and closely scrutinize sensitive offices such as pur- 
chasing, inventory, personnel, etc. . 


(6) Be strict about errors, and require that errors be closely scruti- 
nized before and after corrections are made. Records of employee, 
section and department error rates need to be maintained so that; 
swift action can be taken for those that are too high. Error-prone 
staff should be transferred, retrained, or terminated. 


(7) Listen to and follow-up on problems and complaints by employ-| 
ees and potential targets. Focus all problems and complaints to a) 
top officer(s), and have them analyzed for similarities, mutual relo-| 
tionships and patterns. Even a small complaint can sometimes lift) 
the lid on a major fraud - if only there is someone smart ond caring 
enough to check it out. Too often, when if comes to complaints. 
and mistakes, organizations become careless or defensive, and try 
“9 cover them up instead of finding the root causes. The hest ap-| 
poe is to use your employees to help you detect ond stop fravas.. 

lave an open-door yes ake your poh gt feel free and wel- 
comed to bring their fee and complaints to you, and rewar 
“them substantially for helping you uncover computer crimes. 


(8) Hire only qualified trustworthy, 

ployees on tota tes bases. Do NOT favor relatives, cronies, 
or members of the same church, political party, race, ethnic group | 
or social club! Too often, people with well-known criminal behavior 
are placed in positions of great trust because of favortism and as- 
sumed honesty. 


reliable and hardworking em- 


(9) Maintain a workforce informed and oriented towards security. 
Carelessness, inattention and loose talk are the greatest weaknesses. | 
Information and access (physical and ey bbc should be pro-) 
vided only on need-to-know and as-required bases. Simple, inexpens- 
ive things such as turning OFF unattended terminals and computers, 
removing VDT and printer outputs from non-authorized viewing, | 
securely disposing of trash, and the locking-up of sensitive areas, 
equipment and software prevent substantial opportunities for com-' 
puter criminals. 


(10) Have clearly stated security policies. Make it well known that} 
employees involved in computer crime will be swiftly and severely | 
punished - regardless of rank or privileges. And that all criminals 
will be prosecuted. 


CRIMINAL DECISIONS FACTORS 


The factors that lead to crimes are: (1) Dishonesty. (2) Departure: 
ity. (3) Motivation (primarily greed and revenge). (4, Dollar! 
amount. (5) Risk of getting caught. (6) Punishment for getting 
caught. | 


Most criminals, prior to committing a crime, work out an equation, 
in their mind. They factor the amount of the temptation and mo- 
tivation with the PERCEIVED risk of getting caught and the punish-| 
ment if caught. If the equation balances in the favor of the crime, 
they commit the crime. TF not, they don't. Your objective must be: 
to substantially increase the risk of the criminal getting caught, 

and to take severe action against all who are caught - gogoentpnt ° 

their rank or privilege! Security must always be a high priority, 
highly visible, universally applied and constant activity. You must 
have clear security policies. ‘ 


MOST LIKELY PHREAK. TARGETS 


The savvy computer criminal not only knows which targets are| 
good "percentage shots," but the vulnerabilities of the system in| 
which he works. His objectives are to minimize discovery while! 
maximizing profit. He knows which officers and employees are less) 
than alert or can be compromised, what are the best times and 
conditions to activate his frauds, what are the best frauds to use. for’ 
his tracks. The ideal situation is) 
targets who are slow to complain, and an organization slow to in-| 
form targets of fraud and to investigate complaints. Frauds are) 
committed and compounded, and by the time they are discovered,' 
it is almost impossible to recover the lost money, to determine ex-! 
actly what was done, and-or to prosecute the criminal. 


| 
Accounts which are most often selected for “target practice" fall) 
into several distinct categories: } 


(1) INACTIVE OR DORMANT: Accounts which are inactive, in dis-| 
pute, about to be closed or written off as a bad debt. 


(2) THE EASILY VICTIMIZED: Accounts which belong to the aged, 
infirm, injured, absent, poor, and poorly educated. Most perpetra- 
tors looking for targets, monitor news reports for catac tea, 
changes in people's lives, such as death, serious injury or illness,| 
crime victim, weather victim, marriage, divorce, birth, arrest, law-| 
suit, etc., because those people will be much less likely to be vigil-| 
ant about their accounts. } 





(3) HIGHLY ACTIVE ACCOUNTS: Accounts which experience 
a transactions and large cashflows usually are not as closel 
monitored on a per transaction basis - particularly if the high cas 
flow is due to some sudden and unusual event, such as unexpected 
publicity, windfall, etc., and the account belongs to a small busi- 
ness or professional, or by a large organization.| 
(4) SEASONAL VARIATIONS: The Christmas Season, that is the 
time between Thanksgiving and New Years, is a time when most 
people are least vigilant about their financial accounts. 


TYPICAL COMPUTER PHREAK?| 


There is no such thing as a "typical computer phreak"! But, accord- 
ing to one study on caught computer criminals: 


(1) 9% of the computer crimes are committed by top executives 
and officers acting alone - resulting in 20% of the losses! 19% ore 
committed by computer ‘personnel, resulting in 22% of the losses. 
13% are committed by accounting personnel, resulting in 13% of 
the losses. . 
(2) 39% of computer crimes involve collusion, resulting in 32% of 
the losses. 


(3) Most computer criminals are viewed as reliable, motivated, 
bright, decent, trustworthy and loyal. 80% are employed for less 
than five years. 84%. are male. 62% of the male and 81% of the fe-) 
male criminals steal from their jobs. Most male criminals are eith- 
er branch managers or salesmen. Most females are clerks, cashiers 
or bookkeepers. 67% of the males and 75% of the females are under 
age 40. There appears to be no significant honesty differences be- 
tween age, race and ethnic groups. At least 15% of the general 
public readily admit to being crooked. | 


ENCRYPTING DATA’ 


Most organization do not use any kind of Kn re process when they| 
transmit computerized financial data to other organizations or to 
their branches. In fact, the Fed Wire, a network which moves al-| 
most $70 Trillion every year between the Federal Reserve and! 
member banks, is only partially encrypted! That system is appar- 
ently vulnerable to computer phreaks who could penetrate it to 
steal $ Millions - and never be detected! | 


| 
| 


Not all ciphers are that secure. Many organizations rely upon the | 
DES, which uses 64-bit numerical keys to encrypt and decrypt com- | 

uterized data (56 bits are significant, eight bits are used for par- | 
fry). The danger is that the keys can become compromised, and 
that newer computers are more able to guess them even if "brute | 
force" is relied upon. In fact, the NSA does not accept DES as an) 
acceptable cipher. There must be a reason! 


The American ee Association (ABA) recommends the adop-| 
tion of FULL HANDSHAKE AUTHENTICATION (see. figure) - a: 
form of encryption which informs users when a wiretap is present. | 
Two-way authentication is established between the central comput- 
er and each terminal. If the line is wiretapped and an illegal com-| 
ter is placed on it to impersonate the central.computer or ferm-| 
nal, it probably will not guess the correct ID codes, thus alerting) 
the system of the wiretap. | 
For a cipher to be most effective, it must use keys: | 
1 hich do not permanently reside in the computer system. 
2) Which change on a wy, per transaction or per session basis. 
3) Of various formats and fengths. } 
4) Part or all of which should be generated on a purely random) 


sis. 
es which the decoder Is different than the encoder, and can- 
t reasonably computed from it, so that the encoder can be 
published (PUBLIC KEY system). sf F , 

(6) In which repetitive plaintext format patterns are not mirror- 
ed in the ciphertext. 

(7) In which the repetition rates of chars., char. groups and} 
words in plaintext are not mirrored in ciphertext. 
(8) In which the attributes and habits of the source and-or the) 


ba 
no 


We, at CONSUMERTRONICS CO., have covmioped pees algorithms! 
that are impossible to break! See our ABSOL COMPUTER) 
SECURITY ad in the back. In 1982, a $1,000 reward was offerred, 
to anyone who could break a "knapsack" code. This code was bro- 
ken in 1984 by Ernest Brickell of Candia Labs. We realize that talk 
is cheap so we also offer a $1,000 REWARD to anyone who can 
break our 25,000+ word ciphertext. Even though we ve advertised 
this contest for a year (mostly in COMPUTER SHOPPER), many 
have tried, we provide many clues, we publish our cipher algorithms, 
we permit the use of supercomputers, team efforts and collabora- 
tion - TO DATE, NO ONE HAS EVEN COME CLOSE TO BREAK- 
ING OUR CIPHERS - IT JUST CAN'T BE DONE! Our ciphers are] 





Kaneohe, HI 96744. Or download from a BBS. 
| The most popular host systems to be penetrated are DEC sptemne 


‘COMPUTER PHREAKING I} gig 


not DES, Public Key or One-Time Pad. Our ciphers use 1-3 keys, 
each less than 50 chars. long. Until someone does break our cipher- 
text (if ever!), we claim that our ciphers are ABSOL if 
SECURE! If you are truly interested in protecting your data in-an 
ABSOLUTELY SECURE manner, then you absolutely must order 
from us a copy of ABSOLUTE COMPUTER SECURITY ($1,000 ci- 
esd ge and program are also available on a 5.25" IBM-PC disk- 
ette). 


For those interested in cryptanalysis, we also 
YSIS TECHNIQUES, see our ad in the back for 


PUBLIC KEY SYSTEMS! 


Public Key encryption is considered to be one of the most effect-| 
ive, and yet practical methods to.encrypt data. It is characterized) 
y the use of separate decoders and encoders derived from 


pane CRYPTANAL- 


the! 
same two very large prime numbers, but not feasibly computable 
from each other. Even the person who encodes a message cannot 
decode it!. The-encoder, and the algorithms for.computing the en-!§- 
coder and the decoder are published. The two large prime numbers 
and the decoder are kept strictly secret. 


In the standard application, the encoder is equal to the product of 
two prime numbers, "p" and "q" (n = pq), and the decoder, “d", is 
equal to (2(p-1)(q-1 “17/3. Before encoding, the message is convert- 
ed into a string of numbers. The message is then subdivided into 
same-size blocks. Each block contains the same number of digits. 
The blocks are encoded one at a time. To encode, each block is’ 
cubed and then a Modulo-n operation is performed, where n = en-| 
coder. The ciphertest contains the same number of same-size! 
blocks as the patent — its block size may be different 
than plaintext block size. To decode, each block of ciphertext is 
rai to the power of the decoder, and then subjected to another 
Modulo-n operation. 





t 


In most large systems, each of the prime numbers which ‘icine 
the keys are about 100 digits long. Each key is about 200 digits, 
long. Using a purely brute force method to guess the decoder by’ 
factoring a 200-digit encoder for its prime numbers, would require 
a typical micro 3.8 billion years!! However, recent breakthrus in 
factoring theory have reduced the amount of brute force guess- 
work to a level reasonable for large, modern computer systems, 
thus endangering all Public Key systems! ; 


PHREAK COMPUTER SYSTEMS, 


The micro used by about 1/3 of computer phreaks who remotely in-, 
vade other systems are one of the AP’ II series. Three reasons: | 
(1) The APPLE II series computers are inexpensive and very pop-| 


ular. 
{2} Much terminal software exists for them. 
3) The APPLE-CAT modem has some very powerful tone-gener- 
ating features. 


About 95% of the remaining 2/3 of the remote phreaks use IBM-PC} 
(or eomeasibien TRS-80, COMMODORE, AT or TI computers. 
The TI-99/4A, a discontinued computer, was very popular because | 
of its small size and sophisticated tone-generating abilities. 


There are many modems available, and modem plans. The most 
popular modems are made F HAYES. Terminal software depends 
upon the system you use, and the features you want. If you intend 
to try to access large systems, your terminal software should 
able to emulate popular terminals that the host system would ex- 
pect to communicate with. Also note that if use your computer to 
netrate the OS environment of the host computer, you must use| 
and understand) the commands used by that host system. There 
are many selections. Some public domain ones are very good, such 
as PC-TALK III. The best source for public domain software we 


know of is: WINDWARD PUBLIC SOFTWARE, P.O. Box 4630, 


Specific, detailed means for such penetrations have been spelled out 
in considerable detail in: 
1) 2600: Jan. 1985, July 1985, Nov. 1985, and April 1986 issues. | 
+ “ a COMPUTER UNDERGROUND, M. Harry, Loompanics 
nlimited. 





For future editions of COMPUTER PHREAKING, please let us 
know what hardware, software and experiences YOU have. | 


Consumertronics Co. | 
2011 CRESCENT DR., P.O. DRAWER 537, 
ALAMOGORDO, NM 88310 | 











LOG-ONS 


There are many RS-232C protocols, baud rates and types of termin- 
als. Some terminals are intelligent. They expect to receive cer-| 
tain Dag cages data to format the screen, etc. Most computers, 
you dial into expect to respond to certain systems only. To do busi-| 
ness with them, you either must have that system or be able to 
emulate it. Many modern modems and terminal software con deter- | 
mine from the incoming signal what protocol, baud rate and termin-' 
al type is expected, and then automatically emulate that terminal. | 
Many experienced users can, i by listening to the incoming signal | 
and viewing what the data looks like on an oscilloscope, deduce | 
what terminal is expected and make hardware and software changes | 
to emulate it - before throwing the data button on the modem ort 
plunging the phone handset into the rubber cups. The standard 
ud rate is 300 BPS, full duplex. } 


Some hosts won't respond until a char. or string of chars. is sent to | 
them. This is called, "Sign-On." This string may consist of more 
than one CR or space, "@N," etc. _ If ao have trouble logging on, 


refer to section on TROUBLESHOOTIN 















Once you are logged onto the host system, you will probably be re- | 
eased: to enter = paeneacd: Posiseends are aaevesel: Relies As on) 
‘ordinary user, you will be located in the host's applications soft-| 

ware. | 
The real challenge to most phreaks is to move from the terminal 
environment to other facilities in the system. If access of the user, 
log can be had, the phreak can create a new status, and thus privi-| 
lege level, for himself - such as system menage (sysop). Once the’ 
new status and its new password are acquired, the phreak logs out, 
under his old ID. He then logs in under his new fp. 
Methods for breaking from the applications program environment! 
to the OS environment is described below. People who do so usual-_ 
ly have (or have access to someone who has) considerable experi-_ 
ence on the fommtee system used by the host. You will generally | 
ew that you have crashed into the OS if the system prompts 
change. 





Once into the OS, the phreak does a DIR. If the system is a UNIX) 
system, directories are in a tree-like structure, with the root or 
master directory listing subdirectories. ahs : 


DIR will reveal files with EXE, TXT, DAT, BAS, COM and CMD; 
extents. Other extents are used to support certain software pack-| 
ages (ex: wordprocessors, spreadsheets). EXE are compiled files.’ 
COM or CMD are command files. BAS are basic files, stored in} 
rags —— = I an Be Pgh baw — is BJ ASCII data 
ile. e contents of an le can be displaye typing in: 
TYPE (filespec) after the prompt (IBM-PC and compatible syoterns). 
















The phreak inspects and runs many of the other programs and data 
files, as he moves thru the system at will. He may copy things over 
to his system, or make changes or erasures. Gorertll; 7, once in the 
system, particularly with a high privilege level, he can do just about! 
anything that he wishes. 





The phreak inspects and runs many of the other programs and data 
files, as he moves thru the system at will. He may copy things over 
to his system, or make changes or erasures. Generally, once in the 
system, particularly with a high privilege level, he can do just cbout 
anything that he wishes. 


TROUBLESHOOTING! 


Exploring other systems is exciting. The phreak soon realizes that! 
there are many different configurations. Some are purposely made) 


sions and very unique to isolate them from run-of-the-mill traf-| 
ic. 


BLANK SCREEN 

1) Bad connection or bad cable between the computer, modem) 

one lines. 
(2) Wrong baud rate. 300 BPS, full duplex, is fairly standard. 
Some host modems can be booted up in spend by hitting successive! 
CRs. Other common baud rates are 110, 600, 1260, 75 and 2400. { 

(3) Host modem is asleep. Usually, a CR, space or ENQ 
(<Cntrl>E) char. will wake it up. Of several. 

(4) The host modem expects a different terminal. Different! 
terminals require different Touch-Tone wake-up tones. 

(5) Both your modem and the host modem are either in the 
answer or originate mode. (Always start out in the originate mode). 
RANDOM CHAR. SCREEN - 

. (1) Wrong RS-232C protocol. Number of data chars. may be 7 or, 
8, poe ra be odd, even, null or none, and stop bits are usually 1, 
1.5 or NOTE: Null parity means that a "0" bit always occupies 
the parity bit position. No ciel means that the parity bit posi-' 
tion itself has been eliminated. Also, in exotic systems, the number! 
of stop bits may be any one of 14 other values between 0.563 and 


2.000 bits. 
2) Wrong handshaking. | STX/ETX 










an 




























is fairly standard, but. 





COMPUTER PHREAKING I] 42 


‘LINE OVERWRITES 













XON/XOFF (DC1/DC3), EOT/ACK and others are also used. 
3) Wrong baud rate (see above). 
4) Poor connection, particularly ff acoustic coupler is used.) 
Dirty connector contacts. Overly long RS-232C cable (50 feet; 
max.). Electrically noise-line or environment. | 


CHAR. DUPLICATIONS - { 

Caused by half duplex, Echo ON mode when both you and the 
host modem are seding chars. . Full-duplex, Echo OFF mode is 
correct. '. - sts aps 



















Neither your system or the host computer supplies CRs. If soft- 
ware permits, control chars. can be displayed (CRs displayed as 
<CntrbJs). Some systems will.ollqw.you to configure the host port 
for CRs/no-CRs and various line lengths." Some terminal software, 
will allow you to format your display. ‘ 


MULTIPLE LINE SPACES." | 
The opposite problem as Line Overwrites above. | 


TOO SHORT OR FRAGMENTED DISPLAY LINES. 

Too short of lines. means that the host or terminal program have’ 
specified too short of a line length. Fragmented display lines are, 
ps to the host system sending you too many chars. per line. Stan-' 
dard displays are 80 char./line. TV displays are 40 char./line.| 
Some systems are 64 char./line. See Line Overwrites above. 


MOST CHARS. READABLE, SOME GARBLED. 

1) See Random Char. Screen above. 

2) Host system thinks that you are an intelligent terminal (ex:, 
VT52 or VT100) and is sending you conftol chars. to format and 
highlight your display. Terminal emulator is required. 

3) Host system is sending you graphics chars. or binary code. 

4) The data is encrypted. | 

5) The data is intended for Danan SPEC Pere: A special termin- 
al program or utility is usually required. 

GOOD DISPLAY BUT BAD HARD COPY... 

(1) Your printer does not support the control codes sent. Some 
printers can be reconfigured with DIP switches and jumpers. See) 
our PRINTER & PLOTTER MANUAL II ($20), and your printer man-| 
val. Some terminal software permits you to make char. translations | 
by building yous own table. | 

° 


(2) You forgot to run your system's GRAPHICs utility, or your, 
system doesn't support graphics. 


TYPING NOT DISPLAYED: * 

Host computer does not echo back to you. To transmit, switch 
to half-duplex, Echo-ON (you wey see double chars.). To receive, 
switch back to full-duplex, Echo-OFF. 


DATA IN BURSTS. 
(1) Host system is time-shared and is very busy at that moment. 
If you can't handle the bursts, try later. 
(2) Host system is pausing for the correct handshaking. Try) 
sending a <CntrDF (ACK), <Cntrl>Q (XON) or <CntrbDB (STX}. 


PASSWORD NOT ACCEPTED 

{3} Wrong password. See section on PASSWORDS. 

2) Password has hidden control chars. which you can't display. 
If the password has in it a <CntrDH (backspace), it will overwrite 
its previous char. in the display, thus hiding that char. (and also the 
backspace char.). 

&) Password has chars. that your computes can't normally gener- 
ate (usually from a meta key). Terminal software may permit you 
to generate it anyhow. ! 











} 
j 





CERTAIN PROMPTS CAN'T BE OVERCOME 
The host ot requires chars. that your computer can't normal- 
ly generate. Check your terminal software. 


STOPPING TRANSMISSIONS 

<Cntrl>S. sometimes _ you into menu. Other times it causes 
the host to peuse until you send a <Cntrl>Q, where it resumes 
again. <Cntrl>C, <CntribD, BREAK (<Cntrl>1), and BREAK-| 
BREAK work in some systems. <Cntrl>C usually aborts a long list- 
ing or program. Some programs require a <Cntrl>X to abort.’ 
<Cntrl>O usually stops long rogram runs where you want to stay) 
in the program. <Cntrb>T is for time. <Cntr usually kill a 
whole line that you are typing in. 


CAN'T CRASH INTO THE OS: : | 
(1) No standard way of doing this. Depends upon host system 
and how its configured. Nearly impossible in some host systems 
because the OS is accessible from only a few privileged terminals 
and by a few privileged passwords. 
(2) BREAK-BREAK sometimes work. So do CR-CR. 


{ 


















(3) Various combinations of BREAK, ESC, CTRL, SHIFT with! 
each other or sequenced with other chars. sometimes Socks . 

4) SYS, X or SYSTEM sometimes works. 

5) Try exiting the host terminal program to other acceptable 
applications programs. Try the above approaches while you are 
being tronsferre (to create a system error), and after you are in 
the new applications program. 


PASSWORDS - HOW TO GET THEM 


THE INFORMATION PROVIDED IN COMPUTER PHREAKING II IS 
FOR EDUCATIONAL PURPOSES ONLY! DO NOT USE THIS IN- 
FORMATION IN ANY ILLEGAL MANNER. 


(1) In some systems, the host terminal can be made to send you its 
passwords if you put your modem in the answer mode (use the host} 
system tone), and send the host system a <CntrDE (ENQ). : 
(2) Write a trojan horse to intercept the usual sign-ON sequence so| 
that the user's password is saved in a file where it can be easily re- 
M trieved later. ; 





(3) Since people tend to reuse passwords, a password that worked 
on another system or worked in the past, may still work, or a varia- 
tion of-it may work. soe . wei ee 


(4) Some host systems require o special keyboard to enter pass- 
ree from. Find out what that keyboard is, and make one for your- 
self. 


(5) See if you can acquire a copy of the log-on disk. Examine it for 
passwords. 


(6) Use one of the methods described in TEMPEST section to gain 
passwords; or some other form of spying. 


(7) fotteenn} compromise, good acting, and scavenging sometimes 
works. 


(8) System and company manuals are an excellent senting point. 
Most have set-up passwords. Ina surprising number of installations, 
the set-up password is never ee and still works (as a trapdoor)! 
Los Alamos National Labs. and others were invaded by the 414 
phreak group simply by using the set-up password found in the DEC 
manual! System manuals are usually readily available from the 
manufacturer, computer bookstore or technical library. 


(9). Learn who the top people in the organization are, as well as 
the sysop, chief engineer, service engineer and system installer. 
Generally, when a system is being set up and demonstrated for the 
honcho's of the organization, their names (or a.port of them) will 
be used as a password, and may never be negated. If you find one 
such cute password, there are probably others! 





(10) Same as above, but learn what the special interests of the 
organization and its key personnel are, and try — relating 
to the jargon used in those special interests. This information is 
often Bee: at from the yi aadery fh itself, published in local news- 
papers, available from the library (ex: WHO'S WHO) or business/frat- 
ernal/civic clubs, found in the trash, = for the asking (pose as an 
interviewer). Also, family names (ala WAR GAMES), pet names, 
ddresses, important dates, SSNs and phone numbers (or parts! 
. Since many systems so heav-| 
t. SSNs (a other PN emarent 

V as to the 


home: a 
thereof) are also common passwords 
ily use SSNs, they are an early targe 
are easily found (in most stafes) by questioning the D 
ownership of a certain vehicle. 


{ 1) Some people choose easily remembered sequences as passwords 
ex: 12345878, PORST AKALAA, TO1010). Some people choose 
passwords that ore easily typed in (ex: QWERTY, G, FRED). 


(12) Common passwords are: PASSWORD, DIAG, DIAGNOSTIC, 

TESTING, SYS, SYSTEM, SYSTEM MANAG- 

Se at Sh By, i ews GK 

DEMO, TION, DISK, PEEK, POKE, SE OR, HELLO, 

AID, DISPLAY, CALL, CIP! TERM, TERMIN- 

TERNAL, BYTE, BIT, BAUD, GIGO, REMOTE, CHECK, 

, NETWORK, PHONE, MODEM, CONFIG, CONFIGURE, ZEUS, 

etc. Common passwords are also dirty words. HELP, GUEST ond 

IBMCE are especially good ones because, on many systems, they act 
as trapdoors ond will bypass all other security. 


{12 Passwords are usually one word (WORD format) or two words 
WORD1.WORD2 format). If two words, weds are usually separated 
by "." (most common), “/" or "?" (ex: SYSTEM.TEST). Word format 
and delimiter used depends upon the system. 


(14) Each password WORD is usually at least three chars. long. In| 
one-word systems, password yong is usually 6, 8 or 10 chars; in) 
two-word systems, it is usually 10 or 12 chars. The words are usual- 





ly common and easy to spell. Letters are almost always wprercuse: 
Numbers are commonly used either by themselves or with letters. 


aaa 
COMPUTER PHREAKING Il_13 


Punctuation (except for the two-word delimiter), grophics chars. ' 





_ and control chars. are not often used. 


One strategy is to create a list of the 1,000-5,000 most commor ' 
ly used words that fall into the most-likely password category. A: | 
excellent source for these words is, CRYP ANALYSIS FOR MICRC 
COMPUTERS, Caxton C. Foster, Hayden, 1982, Appendix F.. The # 
remove the plurals from all nouns, all verbs not in the infinite cox 
struction, articles (ex: “and," "but," “nor"), and words over three sy}- 
lables. Proper names are excluded. In two-word systems, mos! 
passwords use a one-syllable word for WORD1 and a two-syllabie 
word for WORD2. A program is written to test all words (one-, 
word systems) and word combinations (two-word systems). 


(15) At first blush, ATM PINs a i 
But, while doing research for our AUTOMATIC | 


cracking them. 
TELLER MACHINES, 


can be ay a 
). account. 


gether, he was able to devise a password generation algorithm that 
t of possi PINs and 


receding the encrypted PINs on the debit card's magnetic strip (us- ¥ — 
ing a converted floppy disk drive), correlated those readings with } 
the known PINs, and gained invaluable clues as to the en tion ¢ 
algorithm used! His converted disk drive can also WRITE to magnet- | 
ic ran For more dynamite info. on ATMs, see our AUTOMATIC 
TELLER MACHINES ($15). | 


(17) Once you compute the possible total number of passwords ac- 
ceptable to a system based upon allowable char. combinations, pass- 
word length, etc., then determine how many passwords have been is- 
sued by that system (ex: number of ATM customers). You can then 
compute the probability that any given pick will work. In the case! 





above, the person computed that one out every 67 of the possible | 
acceptable PINs -belonged to an actual bank customer! Since: most, 
ATMs permit three tries before they shut you off, he may have » 


been able to rob that system one out of every 20 tries! Not tomen- = 
tion the special trapdoor PINs reserved for bank and ATM manager- § 
ial, computer and servicing personnel that can blow the ATM and © 
bank computer wide-open! The rough number of password custom- 
ers are sometimes published in the news, just for the asking, or ob- 
—— by posing as an interviewer for a bank or ATM industry pub- 
cation. es 


(18) In a purely randomly-generoted password system, where-only 
numbers and uppercase letters are permitted, there will statistical- 
ly be 2.6 letters for every number. If that ratio pag eo. dif- 
ers in normal gonees. then you know that char. selection is | 
NOT random. For example, Dow Jones passwords are always 10. 

chars. long (one-word). The letters/numbers ratio is always 4/6 or ; 
5/5 (see COMPUTER UNDERGROUND, M. Harry, Loompanics| 

Unlimited, for more details). 


od 


(19) Even if the password chars. appear to be randomly generated, 
they, and their resultant passwords, are almost never truly random 
for these reasons: - 

(A) Some chars., such as'"1", “O", "O", "2", “Z" are not used 
because they can be confused. 

(B) Some types .of chars., such as control chars., graphics 
chars., and-or lowercase letters are almost never used, except as 
the result of encryption. 

(C) Special rules are almost always used so that the positions 
and sequences of password numbers and letters are rigidly defined. 

Computer. random number generators use a seed number tc 
enerate the random numbers. For ve, the IBM-PC RANDOM 
ZE statement. The resulting RND numbers are biased based upor 

the seed number used. If the seed number is changed infrequently, 
then the set of passwords generated by it will be biased. 


(20) By analyzing available passwords, one can make a table of ; 
rules of how the host system computes its passwords. An algorithm 
can then be devised to compute possible passwords by obeying its 
rules. EXAMPLE: Dialog passwords are always 8 chars. lo oes 
word). The first four chars. are numbers; the last four are letters. 
First and fourth chars. are "O"s. One vowel and three consonants 
are used. Consonants. are epee f not duplicated. Based upon 
these srote rules, there are 793,337 possible ONNOCCCV passwords 
(N = number, C = consonant, V = vowel). Without these rules, the 
total possible number of passwords of CCCCCCCC (C = alphanumer- 
ic char.), there would be 2.821 trillion (36-to-the-8th. power)! Thus 

by knowing a few, simple and — eC? rules, the number of 
passwords are reduced by a FACTOR of 3.54 million! Since there 
are about 10,000 active Dialog passwords, one-in-80 possible pass-| 
words are valid - well within reach of phreaks! 


— 


ORR CRE TE 


0 


iy 








COMPUTER PHREAKING II 
BBS ADVICE 


You can acquire extensive lists of ‘hundreds of BBSs from 2600, 
COMPUTER SHOPPER, user's rou ss and from BBSs. BBSs are 
both private and commercial. Most are general, but some restrict 
themselves to particular systems or groups of people. Participat- 
ing on a BBS can be fun and exciting. 


i4 








To access any BBS, you require a computer (virtually any kind) 
terminal software, a modem and a phone. Most BBS have Specia 
Interest Group (SIG) sections. Entrance to each SIG is at the dis- 
cretion of management tied sysop). The list of available SIGs also 
depends upon your privilege level. There will likely be more than 
one SIG for hackers. 


Most phreak BBSs have three levels of access (by password): 

1) LEVEL 1: Anyone or any member who has “joined” 4 = 
ing some fee and-or by meeting some. minimal requirement. At 
Level 1, you can get programs, chit-chat, pick up tips, and obtain 
some divice to matters important to you that don't require a lot of 
effort or special knowledge on the part of contributors. To make a 
BBS work, you should always make as many contributions as poss- 
ible. You should also use a “handle" to call yourself by. 

2 2: If your contributions at Level 1 were significant 
(ex: programs, passwords, credit card numbers), and-the sysop and 





other higher-level phreaks are impressed by your knowledge, skill 
and results, you will "pea be invited into Level 2. Level 2 
membership may Fray! rom 1% to 100% of the Level 1 membership, 


depending upon t S$. Level 2 gives you far more access to hard- 
to-get, sensitive and illegal type information, and to more SIGs. 
However, you are expected to contribute substantially also. 

3 3: If you knowledge, skill and contributions further 
favorably impress the sysop and other Level 3 phreaks, you ha 
made voice contact with one or more of them, and 7 have 
their scrutiny of you, you may get invited to Level 3. Level 3 gives 
rie the same privileges as the sysop (ex: viewing the files and E- 

ail of other members, passing judgement on them, participating 
in tele-trials), except that you serve at the pleasure of the sysop.| 
Level 3 also gives you access to the most sensitive and hard-to- 
find information there is, and you become a working member 4f 
team for special projects. 


BBSs do have their disadvantages: 

(1) Phone numbers and passwords frequently change in. most pri- 
vate BBSs to shake out undesirables. If you weren't given the new 
number and-or + epee it can take you weeks to findit. 

(2) Seasoned BBS users tend to very clannish. { It. may takel 
considerable time for you to be accepted. The worse mistake some 
peapie make is asking too many questions too soon. 

(3) There is constant pressure to contribute, particularly at the 
higher levels. It can become like a job. And it can get very time- 
consuming. © 

(4) Phone costs are high. I've known BBS members to pay $500+ 
per month on phone costs alone. 

5) By becoming an active BBS member, your privacy almost 
falls into the public domain. Eventually, many people get to know 


you. 

(6) Your new acquaintances will include the FBI!_ The FBI has a) 
special unit that does nothing but join and inspect BBSs for illegal| 
postings. According to a story in 2600, an FBI informant tried to 
penetrate a group of phreaks who were playing around with IBM's) 
ADS pean To obtain the confidence of the phreaks, the inform- 
ant offerred inducements in services and information. The phreaks| 
found out who he was because of sloppyness on his part. Had he not 
been discovered, he could have done great damage to them. This is 
=. it is usually not smart to go beyond Level 2, and to work alone 
or in a very small and highly trusted group. 

(7) If you provide your own BBS, you may become the target of 
hreaks trying to penetrate. Also, you can be held liable for any il- 
egal or damaging info. published on your BBS - even if you are un- 

awere that it's there. Virtually not a week goes by without the FBI) 
trashing a BBS on those grounds. 

(8) Some present can get very hostile. If you fall on the wrong 

side of a skilled phreak, he can ou a lot of damage. 2600 repor-| 
ted that two phreaks, A and B, became very friendly with each} 
other, exchanging info. i - ack A later changed his interests in 
life, and tried to reduce his relationship with B. B became very 
hostile, and began to use his phreaking skills to persecute A, caus- 
ing A considerable grief. Also, if you ce ose up, phreaks can! 
hold you up to Tele-Trial - if convicted, they do the B routine on 
you! Ask Richard Sanzda of Newsweek. | 


(9) According to the May, 1986 issue of 2600, the FBI and 
arge city police departments set up their own BBSs to gain intelli- 
en@e on phreaks and as sting operations. 








1 





2011 CRESCENT DR., P. O. DRAWER 537} 
ALAMOGORDO, NM 88310 


Consumertronics Co! 


























































-ed- to 









XMITTER_ 


RECEIVER 





ENCOE 





cys ky — | 
pak diagram depicting how computers communicate with each| 
other. | 










BLIC = 
CIPHERTEXT! 
7 es 
aN ETS 
ENCODING KEY BSQURCE 
A Public Key cryptographic system. Encoders can be seat over pub- 
lic commo finks (ex: non-secure phone lines). Decoders are sent 
over secure links only. The large prime numbers (each 64+ digits) us- 
enerate- the keys-are—-never-sent.---Thus;-by- publishing the 
Public Key encoder, encoded data can be sent to the system by 
many sources - all encoded using the same encoder - yet only de- 
cipherable by the system with the proper decoder. For two-way 
commos, each system generates its own sets of encoders and decod- 
ers. The public encoders are exchanged. Public Keys, when used| 
with Full Handshake Authentication systems, provide the maximum 
amount of security known. Because of gery « sophisticated’ 
e 


techniques used to factor large numbers, Public Key systems may| 
not have many useful years left. : 















MERCHANT TERMINAL ° 


~ BANK COMPUTER | 


EE agencies 
(A) LOG-ON 


"ONE-HALF | 
BASE KEY | 





ENCODED 
fase 
(B) LOG-ON 


 BASE.KEY 
See REQUEST» 
recaiaca 
_. SREY 
AUTHENTICATION 
AUTHORIZATION 


(-scerme 
(D) 
AUTHORIZATION 


SS) 
(E) 


AUTHENTICATION Vy F(IDy) 


ENCODED . 4 CIPHERTEXT BASE KEY 
SESSION KEY 
(F) DATA. } 
/\PLAINTEXT “TRANSFER PLAINTEXT, 
‘DATA DATA ' 
*MODULO-2 ‘SUM ("OR" GATE EQUIV.) OF BOTH: HALVES | 
A block diagram depicting an example of FULL HANDSHAKE 
AUTHENTICATION. (A)-(B): The primary purpose of Log-On is to. 
generate the keys. A different Session Key is generated for ever 
Log-On. : The purpose of Authentication is to establis! 
with 100% certainty that the Bank Computer is talking to the right 
Merchant Terminal and vice-versa. For optimum security, at least! 
or of the Session Key, IDx and IDy should be randomly generated. | 
ther parts should consist of Transaction Number, Merchant Identi-| 
fier, and Bank Identifier, respectively. F(IDx) and F(IDy) are func-| 
tions of IDx and IDy used to verify that both IDs were correctly| 
sent, received and returned. Encoding and decoding are both done) 
by the Encoded Session Key and the Base Key. (F): After Authenti-| 


cation has been established, the transfer of data back and forth is) 
engaged. 


















ion 
















WIRETAPPING 


It is a common misconception - one that has gotten a lot of phone| 
and computer phreaks in trouble - that legal phone taps.can only be 
authorized by a court of law. Section 605 of Title 47, Us Code, for- 
bids interception of communications or the divulgence of inter- 
cepted communications, EXCEPT by persons described in 18 USC, 
Chap. 119, of which Section 2511 (2) {of () states: 

























































"It shall not be unlawful under this chapter for an operator of a| 
switchboard, or an officer, emenorees or agent of any communica- 
tions common carrier (Ma Bell), whose facilities are used in the 
transmission of a wire communication, to intercept, disclose, or 
use that communication in the normal course of his employment 
while engsged in any activity which is a necessary incident to the 
rendition of his service or to the protection of the rights or proper- 
ty of the carrier of such communication..." 


In other words, Ma Beli can monitor your phone transmissions any 
@ time they sage ee for virtually any reason se | want to, and they 

‘can use the information so gathered in virtually any manner they 
want to! These phone transmissions may be conversation and-or 
computer data. the only limitations, weak as they are, appear to 
“Pbe that the interception must somehow relate to ITHER the em- 
ployee's job responsibilities OR the rights or property of Ma Bell, | 
End that the monitoring must not be excessive or abusive. 








In U.S. vs: Sugden - a case which was upheld by the U.S. Supreme! 
Court, this ruling was made: 


"For an unreasonable search and seizure to result from the inter-! 
ception of defendant's communication, he must have exhibited a 
reasonable expectation of privacy. Where, as here, one uses a com- 
munication facility illegally, no such expectation is exhibited." 


This means that if one uses the phone lines to phreak, one waives: 
all of his rights to privacy. Also, if the transmitted data is digital 
and not “aural,” there is no law that protects its unauthorized in- 
terception by anyone. 


Ma Bell can legally install a Dialed Number Recorder (DNR) (ie 
pen recorder) on your line. DNRs are being an, applied to 
phone lines suspected of computer activity. The DNRs are being 
used not just to ferret out illegal activity, but to prove that a line) 
is being used for computer data transmission to justify the applica-| 
tion of additional charges for providing a data-quality phone ser- 
vice (even though Ma Bell didn't upgrade). 





DNRs are used to record the phone numbers called, the presence of| 
2600 Hz on the line, and the first 1-2 minutes of transmission (pur-| 
portedly to obtain IDs). -DNRs are legal as long as entire legal con- 
versations or data transmissions are not recorded. Of course, re- 
cording the first 1-2 minutes of a cooputerizad access also com- 

romises passwords as Ma Bell can legally disclose these recordings 
just about however it suits it, and can use this ill-gotten informa-| 
tion 'to protect its rights and property.’ Thus, many employees of 
Ma Bell can use their jobs to obtain information necessary to pene-' 
trate most computer systems. 
The secrecy of passwords are usually required and critical without 
regard to the legality of one's transmission. Most computerists we 
know feel that Ma Bell has no more right to their passwords as does 
any other interloper. You i consider changing the sign-on pro- 
cedures of your BBS to provide a temporary and limited access for 
2-3 minutes, and then require the real passwords after that time. 





For more information on 
to phone systems, see PHONE COLOR B 


FBI TESTIMONY 


The following are excerpts from 21 pages of revealing testimon 
by Floyd I. Clarke, Deputy Assistant Director, Crim: lavastign 
tive Division of the FBI. We do not repeat duplicate testimony, 
and have made corrections and conciseness changes to make the 
text more readable. Parenthetical statements are ours: 


hone and computer phreaking as it relates 
SxEes ($15). | 





















HOUSE COMMITTEE ON THE JUDICIARY - Nov. 18, 1983 

Since the 1970s, the FBI has been involved in investigating crimes 
which are computer-related. We cannot say with certainty whether 
or not there has been a rise or decline in this type of crime. This is 
in part due to the fact that the FBI presently Donee its records and 
statistical compilations based on criminal violations. For example, 
our statistics would reflect our involvement in investigations of 
the Fraud-By-Wire Statute, Interstate Transportation of Stolen 
Property, Bank Fraud and Embezzlement, etc. The computer may 
be an instrumentality of these other crimes; however, since there is! 
no Federal statute specifically addressing computer crime, the FBI) 
is unable to provide statistics to reflect whether or not computer- 





tial efforts by that firm to duplicate. 





related crime is on the increase. 













COMPUTER PHREAKING II gs 


Although the Bureau has no statistical basis to evaluate the extent 
of computer-related crime, logic would indicate that, in view of, 
the increasing number of computers in use today, there ought to be 
a corresponding increase in computer-related crime. Because of 
the extensive use of computers in our society, the possibility of ex- 
tremely large losses due to computer fraud is very high. Most fi= 
nancial institutions, in the U.S. and abroad, use computers to facili- 
tate their operations. There is a potential for abuse by persons 
who have the fe recs og knowledge, seed and access to the correct 
Rese AES SoS oT WA emalos, Sroprlerary’ fakoonsationn ot Brice thes 
information can be taken from a computer without leaving much 
evidence of the crime. This is to say nothing of the theft of large 
— of money transferred by wire between financial institu- 
ons. 









cemputcz-related, and which-are within our jurisdictions -FBI's | 
responsibilities in computer-related crimes are derived juris- 
diction previously assigned to the FBI es Congress or the Attorney | 
General of the U.S. in more traditional-areas.--Fhe-statutes-most 
frequently used by the Dept. of Justice and the FBI to prosecute 
and investigate computer-related crimes are Fraud-By-Wire, Inter- 
state Transportation of Stolen Property, Bank Fraud ond Embezzle- 
ment, Destruction of Government Property, and Theft of Govern- 
ment Property. However, computer-related crimes transcend all 
the crime categories. Some of the types of cases we investigated: 


The FBI does, however, actively investigate many crimes ihe F ere | 





| 


(1) In 1979, the FBI identified a computer information service com-| 
pony - which is a company that enters, edits, stores, and retrieves 
nformation in a text format - that was, without authorization, ac- 
cessing and modifying records of a similar firm in Calif. The sec-| 
ond computer service was the primary competitor to the first, and 
the actions of the computer service caused an estimated loss of 
$7.5 Million. | 


(2) In 1980, the FBI identified a group of New York middle age 
school children (the “Dalton Gang") who accessed, without author-! 
ization, over 20 computers from the computer located at their 
school. The unauthorized accesses by this group in both the U.S. 
and Canada not only caused the loss of computer time and dis- 
rupted eg td services, but caused the destruction of inventory 
and billing figures of a Canadian firm, which necessitated substan- 


(3) In late 1982, the Washington Field Office identified a former, 
employee of the Federal Reserve Bank, who was then employed pri- 
vately as a financial analyst, who attempted to continue to access) 
information in the Federal Reserve Bank's MONEY ONE-file with-| 
out authorization. Any information he might have obtained from 
this file would have been useful in the analysis of his clients' hold- 
ings. = 





These examples are certainly not all-inclusive of our efforts in com- 
puter-related crime, but they give a broad view of the types of com-, 
puter-related crimes that are presented to the FBI for investiga-| 
tion. We have so far been able to identify and locate the person(s) 
committing each of these crimes. We hope to continue to do so. | 
We, in the FBI, have not had, to date, oy significant problems in| 
prosecution of computer-related crime under already existing stat-| 
utes over which we have jurisdiction. However, our experience in-| 
dicates that there should be some future problems in yale td 
or prosecuting under existing Federal Law, certain types o act-| 
ivity. For example, the definition of "property" with regard to com-| 
puter crime could be clarified. It is not clear whether a theft. or 
destruction of "property" would extend to information on a comput- 
er disk as opposed to a theft or destruction of the disk itself. The 
question of trespass into another's computer should also be consid- 
ered, particularly where the individual having access to the-comput-| 
er system had no criminal intent and meant no harm, and yet in- 
formation was modified or even destroyed. 


All the computer training offerred - the FBI is undertaken by the 
Economic and Financial Crimes Tra ee at the FBI’ Academy 
in Quantico. This unit consists of a Unit Chief and 6 special cgents. 

Since 1976, the FBI has conducted 3-4 week training courses on com-) 
puter-related crime at the Academy. To date, the Bureau has' 
trained over 200 Special Agents and over 85 non-FBI law enforce- | 
ment officers in these courses. 


The course requires no prior computer knowledge. During this| 
training program, students have access to an IBM mainframe com- 
puter and a micro. The IBM computer is programmed with a sim- 
ulated banking system in which there has been some fraudulent act-| 
ivity. Students learn how to program and operate the system, — 

| 


are assigned the task of pene. | the fraud. Those participating 
in these classes learn the vulnerabilities in computer systems and 

















as a result of this training, increase their abilities to investigate 
computer fraud cases. (One 3-4 week course hardly prepares a nov- 
ice to be minimally. competent with a computer system, much less 
—— prepares him to solve complex computer-related 
crimes! 


In addition to this 3-week school, the FBI also offers a condensed 1- 
week course in computer-related crime, which is taught at various 
times throughout the country. The Bureau plans to offer 5 of these 
1-week road schools in the next year. 


In addition, new Bureau agents, during their training at the FBI 
y, are also exposed to approximately 6 hours of training on 

computers and computer-related crime. Our Training Division also 

ceopeces slides and other information which is sent out to our field 

offices, 

presentatives, local law enforcement, and others. 


In summary, the FBI is actively training Bureau agents and others 
in law enforcement about computer-related crime, and is actively 
investigating these cases when they involve violations of Federal 
Statutes within our jurisdiction, avd when the U.S. Attorney agrees 
to prosecute. However, the FBI recognizes certain loopholes in cur- 
rent laws pertaining to these activities. We support your efforts to) 
address these problems. aL AS pees 


HOUSE COMMITTE ON THE JUDICIARY - Nov. 10, 1983: ° 
I will now address credit and debit card fraud. A "debit card" is 
one form of “access device" to a consumer's account that may be 
used by the consumer for the purpose of initiating an electronic 
transfer of fund. An example of a debit card is the bank card 
many financial institutions provide customers which enables cus- 
tomers to withdraw money from their bank accounts through the 
use of ATMs. Other examples of such access devices are the tele- 
phone, computer, and magnetic tape. A "credit card” is a device 
that may be used by a consumer to purchase goods and services us- 
ing the traditional paper pons invoice. The debit card appears 
to be rapidly’replacing the credit card as an exchange of value. A 
debit card may alse used to make a credit card purchase using 
the invoice receipt. 


Because credit and debit cards are playing an ever-increasing and 
important role in our society, there is, again, a very high potential 
for large losses resulting in misuses of these cards or the numbers 
embossed thereon. The Dept. of Justice has given the FBI the pri- 
mary responsibility for investigating “debit card" fraud. These vi- 
olations are set forth in the Electronics Fund Transfer Act, 15 USC 
1693-1693R. And we certainly are currently exploring the possibil- 
ity of sharing this responsibility with the et Service ri means 
of a Memo. of Understanding between our agencies (probably a bad 
idea as the loss of some efforts and duplication of others are endem- 
ic in these kinds of arrangements, and what does the Secret Ser- 
vice have to do with computer crime anyway?). A draft Memo. of 
Understanding and the attendant legal issues are now being re- 
viewed by Dept. of Justice. 


The U.S. Postal Inspection Service has primary investigative respons- 
ibility for credit card fraud since this fraud usually involves use of 
the mails. Criminal penalties for the fraudulent use of credit cards! 
are set forth in 15 use 1644. The FBI has secondary investigative’ 
responsibility in these matters. Thot is to say, when we develop ev- 
idence of credit card fraud during investigation of a matter within 
our primary jurisdiction, we would pursue the credit cord fraud vi- 
olation to a logical conclusion. We have developed a close working 
relationship in matters. of mutual interest with the Postal Inspec- 
tion Service. } 


} 
In investigating credit and debit card fraud, it is not unusual that 
the criminal act would also be a violation of other Federal laws, eg. 
statutes relating to Bank Fraud and Embezzlement, Bank Larceny, 
Interstate Transportation of Stolen Property, and Fraud by Wire. 
To my knowledge, no prosecutions have occurred using the Elec- 
tronic Fund Transfer Act. This is in part due to the fact that pro- 
secutors and law enforcement officers are more familiar with other, 
statutes, mentioned previously, which have been court-tested. ; 
Our L.A. recently concluded an investigation in which a bank em- 
ployee and her boyfriend conspired to withdraw $26,000 from four’ 
separate accounts, using ATMs. Fingerprint analysis helped deter-| 
mine that the suspect bank employee assisted in fraudulently trans- 
ferring money from legitimate customer accounts into three ficti- 
tious accounts set-up by the subjects, after which it was withdrawn 
using ATMs. Both subjects were convicted of Bank Fraud and 
Embezzlement, placed on probation, and ordered to make $8,500, 
restitution. : j 





I would also like to mention a matter which often hinders our ef-] 
forts to investigate card losses, as well as other banking violations. | 
Financial institutions are restricted by the Right to Financial Pri-| 

Act (a loophole especially created to allow banks and Het 
tich clients to benefit from laundered drug and other illegal 
monies!) concerning the reporting of crimes, even when the finan-| 





and is used in speeches for security people, banking re-|. 




































COMPUTER PHREAKING II g6 


cial institution is the victim. Since financial institutions may be! 
the object of civil actions for a mistake in releasing records, in- 
stitutions often go far beyond what is required by the Right to) 
Financial Privacy Act in order to protect themselves from produc- 
ing records (notice how this reasoning differs from that given in 
the earlier testimony above). Resorting to legal process to obtain 
financial records almost without exception takes considerable time 
from other investigations and is a tremendous drain of our resources 
as well as those of respective U.S. Attorneys. 





neg SUBCOMMITTEE ON TRANSPORTATION, etc. - Oct. 17,| 
I would like to point out three things that we in the FBI believe ore| 
key to understanding the -FBHs perspective on computer-related] 
crimes: 





(1) The computer is an instrumentality of some form of traditional | 
crime, eg. theft and larceny. It is much like a gun, knife, or forg-| 
CLs. pen... ae ‘ : ee 


(2) Of a more academic but critical nature, there does not exist! 
one generally recognized and accepted definition as to what comput-_ 
er-related crime is. Therefore, we do not have an objective stan-| 
dard to measure the trends of computer-related crime. 
(3) In view of the FBI's current structure of management by pro-| 
gram, rather than by case, there is no method in place now to ob- 
serve the statistical dimensions of computer-related crime. | 
As you are aware, there is no one agency gt this time that has juris-| 
diction for computer-related crimes, and very probably there can-/| 
not be, because of the wide applications of computers. The FBI's | 
jurisdiction in computer-related crimes is derived from eetion | 
previously assigned to the FBI by Congress and the U.S. Attorney | 
General in more traditional areas. However, computer-related | 
crimes transcend all the crime categories and jurisdictions, local, 
state and Federal, again moking it difficult to measure trends in 
this type of crime. } 
Another problem that has been encountered is a.reluctancy on the | 

tt of some businesses, especially those in the financial commun- | 
ty, to report losses attributable to computer-related crimes in an | 
attempt to avoid developing an image of fiscal insecurity. There- | 
fore, in the absence of a generally accepted definition of computer- | 
related crime, coupled with the lack of a central repository for the 
statutes on computer-related crimes, it appears that no one knows | 
for sure the extent of computer-related crime. J 
There are currently some 21 states that have specific legislation to | 
address computer-related crime on a local and state level. 


Our experience indicates that certain legal issues involving comput- | 
er-related crime could be clarified, particularly the definition of | 
property in the sense of a computer program having its own clearly | 
defined inherent value and the issue of trespass. The most frequent-| 
ty. aged defense for simple unauthorized computer access is that 
the perpetrator has no criminal intent, meant no harm, there was, 
no security system and therefore no trespass. However, it is fairly 
commonly held that if an unauthorized person enters another's un- 
locked home and rummoges through the closets with no intent. to 
steal or do harm, that person could still be guilty of trespassing. It, 
is important that a legal clarification be made in this regard. 


In regards to preventive measures necessary to deal with computer- 
related crime, it appears from our experience that this is more of, 
a human problem then a technological one. In most instances 
where we have been involved in an investigation of computer- 
related crime, the crime was prspetectee by someone who had ac-) 
cess to the computer and authorization to use it. The crime was, 
facilitated by the access, and in most cases, the authorization was 
exceeded or misused. ; 


BENEFITS AND LIABILITIES 


Widespread computer phreaking clearly demonstrates that computers) 
have some very negative qualities and pose dangerous threats to indivi-| 
duals and to society in general. It is within the scope of COMPUTER 
PHREAKING II to explore the harmful effects on individuals and socie- 
ty in general of computer To present a balanced picture, we| 
also explore the important t computers provide us all. | 


COMPUTER BENEFITS!| 


(1). Computers have. replaced most of the boring and repetitive computa- | 
tional tasks of bygone years. These tasks are generally lumped together | 
as "Grunt Work." Computers are invaluable because they tremendously | 
increase efficiency and reduce costs in yey every segment of busi- | 
ness and science. We could not function with t' 


aide to ? 
nefits t 



















e ease that we do today, |ff 





— 


in regards to financial transactions, without modern computers. ° 
doubt about it, computers are extremely beneficial to our economy! We 
could not make the trillions of computations necessary to solve previous- 
ly intractable problems in mathematics, physics, chemistry, biology, 
medicine, etc., without the aid of modern computers. : . 


ecute millions of instructions per second. Zi recent- 

bit microprocessor that can execute over 5 Million in- 

per nd. One of the largest computer systems in the 

world is at Los Alamos National Lab. It is a network of ten Cray super- 

computers that has auxiliary ae of 15 trillion bits of ed and 

over 1 million files. It can access 25% of these files in less than | min- 

ute! The remaining 75% can be accessed in under 4 minutes. The Los 

Alamos supercomputer network serves 5,000 terminals scattered over 

40 square miles. Cray supercomputer can execute hundreds of mil- 

lions of instructions per second, and costs about $10 Million each! 
There are less than 500 known supercomputers in the world. 


(2) Computer storage has replaced much of what used to be stored on 
paper in file cabinets. Disks, pregnetic tapes, optical storage devices, 
and Computer Output Microfilm (COM) store data at hundreds of times 
the density of paper, thus tremendously saving forest trees, storage 
areas and trash dumps.. Computerized records can be written, edited, 
formatted, :eproduced, reused and distributed much simpler and with 
much less waste than non-computerized records. 


{3)'--Smail--computers hove, ropipeer the -electrical_control circuits. of 
many household appliances, home entertainment equipment, office 
equipment, traffic lights, industrial processes, security be a ar he medi- 
cal and prosthetic. devices, vehicles, energy control devices, commo 

uipment, etc. These’small, single-use computers are called "dedicat- 
ed or “special purpose" computers. Dedicated computers save much 
labor while providing dramatically increased speed, reliability, and ver- 
satility. 


(4) Computers have much increased the safety and efficiency of air, 
truck and rail travel. 


(5) Modern computers have increased our entertainment. Special- 
effects that could only be dreamed of just a decade ago, are now being 
routinely created by computers in special-effects labs. Synthesized mus- 
ic has exposed us ‘to sounds and arrangements never before achieved. 
Computer painting, with the help of modern multi-color printers and plot- 
ters, permits the artist to create in an hour's time what used to take 
days to create. With the help of computers, our creativity can really | 
soar. 


| obsolete. 





(6) Powerful micros are within the financial reach of most American 
families and businesses today to aid us in every aspect of our lives - 
word and data processing, entertainment (games, music, art), business 
and investing, planning, etc. With modems, distant people can "talk" to 
eachother thru their computers. 


.~COMPUTER LIABILITIES) 


(1) With the benefits of this tremendous data processing efficiency is 
the curse of the loss of personal privacy. There is absolutely no way 
that tite can be preserved when large corporations, governments 
and special interest groups have extremely large and fast computers ac- 
cessing enormous data bases. The most intimate details of your personal’ 
and private life - including financial, medical, political, religious, and/ 
lifestyle information now can be quickly accessed by literally tens of} 
thousands of people involved with these systems. i: 
According to U.S. News & World Report, April 30, 1984, personal comput-| 
er records of the. average citizen are stored in 39 federal, state and 
local government data banks, and 40 private-sector data banks. As con-| 
fidential as the IRS is supposed to be, it shares data with 38 other gov-' 
ernment offices. One critic stated that, today, "the 4th. Amendment is 
almost totally worthless." 
The real and potential abuses are incalculable! People who you don't 
know located thousands of miles away can literally make sweeping, arbi-| 
trary and capricious es in YOUR personal records - by accident or| 
design - that can adversely affect your ability to buy and sell, find a job 
or obtain credit or insurance - and do so with impunity!! This bad data! 
is then disseminated to many other computer systems located all over} 
the country, ae ee knowledge, consent or right to make correc-| 
tions! You can spend your lifetime never knowing why! And, even if 

ou verify a computer error, you will probably never be able to purge it! 
rom all of your records. Bad computer data is like a bad penny. No, 
matter how hard you try to get rid of it, it almost always turns up again, 
and again, and in some of.the most unexpected places! 


In most states, privacy laws are either non-existent, or weak simply be- 
cause the powers that control our governments and financial! institutions 
insist upon the right to invade everyone's privacy on a routine, systemat- 
ic, flagrant and everyday basis - no matter how wrong, evil, injust and 
harmful this practice is - with virtually no safeguards, accountability, or 
concern for the damages caused! In states which have privacy laws, | 
these laws are generally archaic and unenforceable when it comes to} 
computerized invasion of privacy. Short of shooting the offender, in) 
most states, virtually no recourse is available to you to stop someone 
from invading your privacy! It is this total lack of the political and legal 
establishments’ interest in protecting people from the constant and fla- 
grant invasion of lyin that makes a mockery of virtually all non | 
violent crimes. Why should a 15 year old go to jail for tapping into a) 
credit company's data files, when credit companies routinely invade pri-| 
vacy with impunity on a scale millions of times larger, and then sell and 
resell the most personal and prlvase information about millions of citi- | 
zens? The punishment should fit the gravity of the wrongdoing. } 


| 





COMPUTER PHREAKING Il 17 


Congress enacted the PRIVACY ACT of 1974 which is supposed to pro- | 
tect your privacy. But consider: | 

(A) The PRIVACY ACT only applies to SOME Federal Government | 
files. It does not apply to other governments (state, county, local), | 
quasi-Government bodies, and private business. It does not apply to law 
enforcement, classified or medical files. = 

(B) The PRIVACY. ACT is easily and usually circumvented by those) 
entities covered by it. To receive any kind of Government benefit, you 
are generally required to sign a waiver to the PRIVACY ACT ~ making 
it null and void in your case. And, if you want to find out what files the 
Government has on you, it may cost you $ Thousands and months of 
time, and the results will likely be incomplete, in error, and largely 


The NATIONAL SECURITY AGENCY (NSA) and the DRUG ENFORCE- 
MENT AGENCY (DEA) (and probably the FBI, CIA, KGB and military in- 
telligence) now operate giant computer complexes that monitors most 
microwave communications links in the country, and ALL overseas 
microwave linxs. It searches conversations for key words and phrases, 
and once found, records the entire conversation for greater scrutiny by 
their —— For example, a comment, such as, 'I wish the president 
would drop dead!' can now land your ID in numerous and nameless -Gov- 
ernment law enforcement files - even though you referred to the presi- 
dent of your golf club and you meant no harm! Electronic Mail (E-Mail) 
may mostly replace letter mail within the next decade, will be a lot easi- 
er to surveil by Government and private entities, and have little of the 
protections enjoyed by First Class Mail. 

You might ask yourself, "Since I'm a decent, hard-working, taxpaying, 
law-abiding, locally-influential citizen, why should I fear?" eep in 
mind that your.computer records can be fouled-up totally by accident 
no matter who you are, and the self-assessment of your decency and 
honesty may have nothing to do with the assessment made of you by 
those who control the computers. Your only crime may be having the 
same name as a serial killer! Most computer records are accessed bas- 
ed upon Social Security numbers. In 1985, over 100 cases of duplicate 
SS numbers were reported - egeig 8 Ngo havoc in the lives of most of 
those holders. A recent study by t Aid Society of New York on) 
the accuracy of computerized criminal histories, revealed that, of the| 
793 Hehe surveyed individual files, only 27% “vere complete and cor- 





rect! The ent of Labor estimates that 30% of the active work | 
force has a criminal history - according to their computerized records 

accessed by DOL personnel. Many citizens who have made mistakes or 

have gone through hard times in the past (ex. bankruptcy) but who have 

been responsible citizens for years, are still plagued by computerized re- 

cords of their past misdeeds and problems that are years - even.decades - 

old. Computers can ruin your life even if you are a model citizen! 


history. 

dic scale! To use an ATM or POS terminal, you insert the SMART) 

RD and the ATM or POS terminal reads the memory on the micro-| 
chip. It then evaluates you and can make, unknown to you, radical | 
changes in your persona! data stored on the microchip and in the bank's’ 
central computer, or simply confiscate your card. The question is, who 
will determine, control and access your Hengelo info. stored in the 
SMART CARD's microchip? Even if SMART CARDs are never used to 
record your religious, political and lifestyle preferences, and medical 
history, do you really want a permanent and detailed record of virtually 
every transaction you make in the hands of financial institutions, gov- 
ernments and other strangers? Or information put in there that may be 
one-sided, incomplete, inaccurate and malicious? 


(2) Aside from the people who can "legally" or "officially" access, 
change and abuse your records, computer phreaks who tap into computer | 
systems using ordinary phone lines and home micros. Or as officers and 
employees, they penetrate computer systems from within. They can ac- 
cess, change, or destroy critical personal, financial and business data at 
their fingertips. . 


The primary reasons for committing computer crimes are: 
(A) To steal money either directly or indirectly. 
(B) To invade privacy. 
(C) To create mischief or havoc or to seek revenge. 
(D) To deliberately. sabotage a system or specific files. 


Some of these crimes are committed by loners or small friendship groups. 
such as the Milwaukee-based 414 group (named after that Area Code} 


which partially penetrated the Los Alamos supercomputers. However, 
most computer crimes are committed by employees and officers of 
large organizations. 


(3) Even though computers themselves are neither good or evil, our de- 
pendence upon them and their grasp upon our lives are increasing daily 
and are extremely high. Thus, we are becoming very vulnerable to natur- 
al and manmade disasters which interrupt computer processing. Any of 
dozens of- possible computer errors and shut-downs can ruin you 
financially. 





Computers DO make mistakes! There are 4 general categories of com-| 
puter error: | 
fA) Software failure. { Data we 
(B r 


Hardware failure. D) Transmit 
Computer failures can be caused by many different factors ranging from| 
cosmic radiation to employee stupidity. The origins of most computer er-| 
rors are often difficult to determine and correct by the person harmed 
by the error. Have you ever called a store or a utility to complain about 
a billing error only to be told that it was no one's fault because the, 
“computer did it"? And the same "computer error" is repeated for| 
months more? Using the computer as a scapegoat and coverup for in- 
competence, negligence, carelessness and fraud is in vogue these days. __ 


error. 


Don't assume that because your bill has been prepared by a computer 
that it is correct! Many unscrupulous businesses and institutions pur- 
posely manipulate their computers to steal from the public. A common) 
rip-off tactic - particulary practiced by financial! institutions - is calcu- 
lating interest charges so that the actual interest rate you pay far ex- 
ceeds what was contracted for. Other common tactics are: 

(B) Adding bogus purchases to your account. 
C) Failure to credit payments. 
D) Failure to credit returns and refunds. 


Yet, these major cat 


ories of computer crime are virtually never pub- 
lished - not even in 


‘S$ on computer crimes and abuses! 
Yes, Virginia, the four extra zeros in your phone bill does not constitute 
the worst mistake that computers can make. We have become so de- | 

nded upon computers to operate our society that a major computer | 
ailure can cause, among other things, World War III, total economic col- 
lapse, nuclear 
On Nov. 9, 19 the failure of one 59-cent multiplexer IC resulted ina 
missile attack alert that took us to within six minutes of launching our 
ICBMs against the Soviet Union! It was only the refusal to obey launch 
orders by key personnel that prevented World War III! | 





(4) Computers cost jobs. Not only do stationary computers cost many | 
jobs, particularly those performed by clerical personnel, but they have 
produced enormous strides in the science of robotics. Computerized 
robots are now inexpensive enough to replace almost all semi-skilled 
and most skilled labor - and will eventually do so. Why should an em- 
pores hire you when he can "hire" a robot which will work flawlessly 24 

urs a day at five times your .speed - without wages, breaks, medical 
and retirement benefits, personal problems, complaints, and strikes? | 
Some say that, in the end, with computers doing most of the work, we 
will all benefit by having much more leisure time. But how do you iden- 
tify and pay such a replaced, deserving worker? Who pays him? How, 
much? For how long? And what will he do with all that idle time? 
We're talking about the Second Industrial Revolution - and a lot of peo-! 
ple may be destroyed by the cataclysmic changes being brought on by| 
computers and robots. 


(5) Computers are being used for increasingly hostile reasons. Comput- 
er networks have been created that alert physicians to the identities of 
people who have sued other doctors for malpractice, and to their attor- 
neys. Other networks have been set up to alert attorneys and the public 
to doctors who have lost malpractice cases. Patients have actually 
been refused care, and doctors have lost business because of these net- | 
works. Landlords have networks that alert them to bad renters. And, of 
course, lenders have used computers for years to deny people with bad 
credit. There's practically no end. 


(6) Our §reat personal reliance upon computers will likely destroy much | 
human talent. For example, computer synthesis of music has cost musi- 

cians much work. Computer painting will displace painters. Already, 

many accountants and draftsmen have been replaced by computers.|| 
Many physicians, attorneys, engineers, architects, etc. are now at risk. | 
Turning over our thinking and talent to computers is risky. As long as 
the computers are working and one's access is not controlled by Govern-| 
ment or big business (fat chance!), we might get away with it! i 


(7) Wall Street is becoming increasing dominated by arbitrage comput- 
ers. According to Webster, ARBITRAGE is: “Simultaneous orcteen! 
and sale of the same or equivalent security in order to profit from price, 
discre jes." ee arbitrage computers seem like the ideal way 
t® make money on stocks, these computers make ice-cold and instantan-| 
eous financial decisions that can trigger an economic collapse. Since ear-| 
7 1985, 1 began to notice wild swings in the stockmarket on an almost | 

y-to-day basis. One day, the Dow was up 33 points, and the next} 
day it was down 29. Although not the total cause of these recent and in-| 
creasing wild stockmarket swings, arbitrage is definitely the major 
cause. Arbitrage has created an unstable economic oscillator that can, 
with little stimulus, swing wildly out of control and result in a stockmar- 
ket crash that will make the 1929 crash and resultant Great Depression 
a picnic in comparison. a 


(8) With the increasing loss of privacy and job takeovers by computer 
technology, many people rightfully fear that a technological tyranny is 
at hand. It has been estimated that if Adolph Hitler or Joseph Stalin) 
had access to the computers and data banks owned By any large financial 
institution or utility today, he would have been able to detect and kill 
many times the people he did using the inefficient manual methods of 
his time. Scenarios of the country or the world being taken over by an) 
elite priesthood of computer technocrats, controlled by governments | 
and large financial institutions were at one time considered to be ridicu- | 
lous. Well, many people aren't laughing now! 





eceive error. | mi 


i ped plant meltdown, firestorms, and massive blackouts. | *f 
9, 

































($15) for details. 


COMPUTER PHREAKING II 48 


It is expected that, within the next 10 years, there will be at most four | 
global EFTS networks which will operate from huge central supercomput- | 
erized centers (in-Belgium, Switzerland, Tokyo and New York), and will) 
control 99% of the entire free world's banking operations. They will be, 
so fast and efficient, that if you make a purchase in Nigeria, and your | 
spouse makes one in Montana 10 minutes later, your New York bank will! 
have already debited your joint account for the Nigerian purchase! 

For the first time in the history of mankind, the computer technology | 
exists today to enforce on a global scale the BIBLICAL prophesy that | 
the day will come when you cannot buy or sell without the explicit r-| 
mission of the Anti-Christ (Rev. 13)!! Consider that the sum of all of | 
the alphabet positions of the letters in COMPUTER (3,15,13,16,21,20,5, | 
18) is 111. Multiply that amount by 6, the number which represents im-| 
perfection, and you get 666! ! 


Consumertronics Co. a 


2011 CRESCENT DR., P.O. DRAWER 537 
»- ALAMOGORDO, NM 88310 


GLOSSARY \. 


The following terms are defined in context to their relationship to com-, 
puter crime: 


ACCESS: Access to the 
ing, encrypting, decrypting, 


a. 
ACCESS CODE or ACCESS NUMBER: A secret phone, extension, 
account or project number, or possword used to access a computer or 


rogram. 
’ “RCCOUNT. : Refers to savings, checking, tredit, debit, inventory, or 
general ledger account. 
ACCOUNT NUMBER: A unique number that identifies an account. 
ALGORITHM: A step-by-step oaepaneeaee for solving a problem. 
ATM: Automated or Automatic Teller Machine. A computerized 
cash dispenser/acceptor used to replace a bank clerk. One inserts an en- 
coded debit card into the ATM's slot to initiate the transaction. For 
more information, see our AUTOMATIC TELLER MACHINES ($15). 
AUDIT: To examine processed data for its accuracy by comparing it 
to earlier, known accurate data. 
AUDIT : A record of the data source and all the subsequent, 
transformations that the data s thru. | 
HENTICATION PROCEDURES: (See figure on this topic). |} 
AUTHORIZE: To grant permission or access. } 
AUTO-ANSWER: Terminal software that will support a modem that ff 
automatically answers e calls. 
: Software that permits the ability to dial a phone num- 
ie of numbers from a Se keyboard command. 
CRETIN, or CHO : A person, program or computer 
that works in a slow or clumsy manner. H 
BBS: Computer Bulletin Board Service. Functions similarly to other! 
bulletin boards except that access is made by computers via phone/| 


modem hook-ups. gt | 
BIT: (1) A unit of information. (2) A unit whose valve is either 0 or 1: | 
BODY SNATCHER: A ie ne or routine which fakes a file, and) }} 
automatically creates from it a mutant. It may or may not destroy the! 
original and rename the new one as the original. | 
: Redundant, useless, false, nonfunctional or incredible. i 
. BOMB: A a goa or routine that fails because of a bug(s), usually, 
in a serious or costly way. a | 
BREAKAGE: The bleeding-off of small sums from numerous sources, 
such as by accumulating all the roundoffs from numerous savings ac-! 
counts interest computations. Each data file may lose less than a penny 
but, in large banks, the total breakage losses can amount to $ Thousands | 
per day. See SALAMI TE! IQUE. 
BRUTE FORCE: A program or person that performs a function on a 
trial-by-error basis. | 
Y BITS: Bits generated by “control” and "meta" keys on the 


eae 
3 (1) A software or hardware mistake or defect. (2) An electron- 
ic surveillance device, wired or unwired. j 
oe A small software or hardware change that improves an exist- 
eature. 
UZZ: A routine that runs with no indication of progress or expecta- 
tion of —— Hang-up. 
CALL BACK or DIAL BACK: A securit 
the user's passwords are accepted, asks him to ha 
him back on a number recorded in his file (usually w 








rocesses of creat recording, transport- 
Trepecting, Priston’! 3 andor franeforming 


ber or r 
BAGB 


in 


measure used in which after, 
up, and then dials 
n his file was first 


set up). | 
CANDYMAN: A person who compromises key seg athe accounting 
or purchasing personnel to obtain intelligence and-or devices critical to 
computer penetration, usually with bribes of money or sex. 

CATATONIA: When the computer totally locks up. | 

CHAR. Char. = Character. A Char. is any upper or lower cas letter, 
number, punctuation mark, graphics char.. or control code between) 
ASCilO and 255. : 

CHEESEBOX: An electronic device which, upon receipt of a certain’ 
phone number or data sequence, automatically switches a line to an un-| 
authorized line (perhaps to a wiretap). See our PHONE COLOR BOXES 


\ 



















| COMPUTER PHREAKING II 19. 


CHECKSUM or CRC: A sum derived from a summation check usual- 
ly without regard to overflow. ms are effective in detecting 
random, naturally caused errors but can be manipulated to not detect 
| fraud errors. To minimize the probability of manipulation, make the 

Checksum also depended. upon a key and-or random information. Two! 


types: 
(1) Standard Cyclic Redundancy Check (CRC): The message is ex- 
| pressed as a polynomial, and is then divided by a small, fixed polynomial, 
F." The remainder is the CRC. The CRC is then appended to the trans- 
mitted message. The combined message received must be evenly divisi- 
ble by "F" to be correct. 

Eh naa Arithmetic Sum: The results of a Modulo-n operation. 

2 An algorithm(s) used to encrypt and-or decrypt dota. 
COKEBOTTLE: Any unusual char. - particularly one not located on 


}] your a nae 
COMMO: Communications or telecommunications. 














COMPUTER CRIME: 9. hed 


COMPUTER SECURITY: The broad range of administrative and tech- 
nological safeguards used to protect computers and their data. Refers 
to physical security, administrative security, personnel <n commo 
i] security, EMI security, hardware oan S -or software security. 
CONFINEMENT: : Access to data while ensuring that the data can not 
be altered, erased or misused. | 

COUNTERMEASURE: Any defensive technique used to detect, pre- 
vent or expose crime. aecers GS pera aa 8 

CRACK: To defeat a code or protection or securify scheme. ~ * 7] 

CRASH: (1) Asudden or drastic hardware or software failure. A 
Crash is similar to a bomb but generally refers to a major OS or program 
failure. (2) To break out-of (ex: to break out of an applications program 
environment to an OS environment). _ 

'UNCH:. To process, usually in a complex, time-consuming or num- 
pres operations way. : 











A: In the generalized sense, includes numerical data, messages 

and-text. Maybe raw. data or processed data (information). 

DEADLOCK: Where two or/ more processes or persons cannot pro- 
ceed because each is depended upon the other to do something first. 

DEMON: A program that normally lies dormant and inert waiting for 
i] one or more events to occur... Demons differ from logic bombs because 
Demons usually have positive, functional purposes (despite the name). 
For example, a PRINTER DEMON is one in which when a file is stored 
under a certain directory, it is automatically printed out as a back- 
ground task. A DEMON DIALER is a program that repeatedly dials a 
number or range of numbers. 

DES: Data arp pha Standard - the official U.S. encryption stan- 
dard. Not accredit the NSA... =. : 

DIDDLE’ or TWEAK:. (1) To make small, simple or Lt emted 

before or while 
































changes or adjustments. .(2) To change data it is ina 
ter. : : 
pot = > To disable or remove a part of something, such as a wire or 


software statement or subroutine, so that the thing no longer functions. 
“DIVERSION: A secondary activity used to divert attention away from 
a crime or perpetrator. Examples are staged crashes, program bugs, or 
other criminal activity. -  ~ 
DRAGON:: Similar to a demon, but instead Is used by the OS to per- 
form mandatory tasks, thus causing forced interruptions. 
DWIM: . A complex procedure that tries to correct mistakes 
automatically. . * 
EARMARK: A char. (usually non-printable) or string of chars. used 
to secretly ID files or. data elements for special treatment. Earmarks 
are used by phreaks to automatically screen out or change files or data 
used for fraud purposes. . Earmarks can also be used as a 
countermeasure. : 4 : 
EFTS: Electronic Fund Transfer System. A generalized term that re- 
fers to all computerized banking operatioris involving the communica- 
tion of financial information from one point to another. Although EFTS 
has come to mean, many diverse electronic automation projects, it usual- 
ly denotes ATMs, POSs, Automated Clearing Houses, and a type of 
national banking or money settlement and clearing function. 
EMI: Electromagnetic interference (electrical noise). 
EMULATOR: A rb fart = ta real-time set-up that makes one 
‘device (ex: terminal) emulate another. 
enCRyPr: To pce or encypher data so that it becomes gibberish 


origin. 














to those who cannot decode or decipher it. Most savvy computer users 
do not rely solely upon passwords and complex sign-on procedures to pro> 
tect their systems and software. They can be too easily guessed or com- 
promised. The data.is encrypted using a “key" designed by the encodin 
scheme. The encrypted data is then transmitted. When it is receive 
by an authorized receiver, a "key" is used to DECRYPT (decipher or de- 
code) the data so that it is again meaningful. Uncoded data is called 
T. Pacorer data is called C TEXT. Encoded data is 
called CIPHERTEXT «3:25 eee oa wees 
” FILE: A computer program, routine or data file. “A DATA FILE is 
an’ crates file which is not a routine or program. ee 


A bit: or other quantity. that has two or more values, one of 
which indicates.an important event (ex. an error). vehaw is ‘ 
: = Ruined, burned out or exhausted. 

FUDGE or MASSAGE: To change data slightly to support an argu- 
-{i|.. ment or to cover up a loss or theft.- 









OS, or-a-utility routine..or program whi tforms an OS“function. 
When a od Sth: it takes Be the control of cereale OS or utility func- 
ions. 


a zombie. - The primary illegal purpose of a 
function of pr omnes Without choral 
selves. Thus, the programs will o 
is absent, but different: 


o 
5 
® 
x 
x 
“— 
a 
(@) 
ry 
= 
° 
”" 
u 
c 
3 
3 
Lal 
} 
c 
S$ 
i 

oS 


sk or f 
© screens out all bogus transactions, it returns canteas back to 

the OS printer routine to resume normal processing. of output ae: 

-GR A sick or tired person or sy ae 2 ae 
2 tiple pe A data ‘entry person. GR WORKs: Tedious and repeti- 

el ov f ; eur besoin 

- HACK: (1) To devote-a large-amount of ‘time developing-software or 
hardware into a usable form. (2) To show obsessive interest or use in 
software or hardware. : . — 

HA . 0) An obsessive computer user or programmer, Usually not 
an expert. (2) A computer phreak. * | 
HANDSHAKING:. Software.and hardware rules regarding supervisory | 
signals to and from remote devices that control communications. - 


HASH TOTAL: The result of an arithmetic operation (usually a sum) 
used pore eae The numbers need not have math. relation- 
~ to each other. . For example, the transaction number, part number 
and employee number are added together to make a Hash Total. Later,| | 
they are re-added together producing a Hash Total that is checked 
against the original Hast Total. If they don't equal, a change was made 
> of a one of the numbers, indicating possible tampering, and the 

le is flagged. 

HOOK: Non-functional program code, such as a series of NOPs, to 
os oc ee oe an oat nh fora cher route id a ie deporture 
point (replace a Jump or Call) to a routine located elsewhere. 

HIYPERSPACE: The OS environment. 

ID: Identification. Identifier. Identify. 

INFO.: Information. 

INTERCEPTION: The unauthorized reception of a signal or file. 
Legally refers to audio signals only. | 

ON or ORGANIZATION: Refers to financial institutions, 
large pagent government, and other businesses which rely upon 
computers. Som 

2 A brute-force person, program or procedure. Implies lack of, 
intelligence and skill. | 
KEY: A sequence of chars. which are combined with data to chang 
plaintext to ciphertext or vice-versa using a cipher. ENCODER'Is an e 
cryption key. DEC! is a decryption key. Encrypted data requires 
knowledge of the key to decode. Many ciphers are possible, the most 
popular of which use char. substitutions, transpositions, matrix operc- | 
tions, DES, and Public Keys. , : ; | 

KEY DATA: Refers to a data file record descriptor, such as name, 
address, account number, transaction number or code, PIN (ex: SSN), 
part number, salesman ID, vw nnapedel number, applicable discount rate, _ 
vendor ID, account type, privilege, activity status, expiration or month- 
ly closing date, etc. | 

Ku : A Rube-Goldberg program or hardware addition or change,| 


usually for temporary or testing purposes. 

LAPPING: lope ng Is a sci awe in which meticulous record keeping 
and.time management permits the phreak to deselect an existing target 
while selecting a mew one to minimizing the risk of discovery and 
identification. 

LEAKAGE: The unauthorized or illegal rernoval or copying of data. 

LEAP-FROGGING or NETWORK WEAVING: In computer networks! 
with many satellite computers hooked to each other and to a central 
computer thru various networks, Leap-F rogging is to jump among the 
satellite computers and networks, by using node switching, to reach a 
desired computer to minimize the risk or being traced back to your 





LOGIC BOMB: A Logic Bomb is a trojan horse which activates usual 
ly at a certain time or sequence of events, and damages or destroys files, 
its ee nares or routine, and-or itself. rf 

MACRO: (1) A large system (mainframe). (2) A pre-formatted log- 


on procedure, passwords, etc. 
MANIPULATION: The unauthorized changing of a program or data 
for an ulterior reason. 


CRO: Microcomputer. s } 
MISFEATURE: A seldomly used, nonsensical, obsolete or unpredict- 
able pean feature. 
MOD.: Modification. Modify. 
MODUS OPERANDI: The method a criminal uses to commit his acts 
that distinguishes his crimes from those of others. j 
MOLE: A spy for another country, business or agency who infiltrates 
an organization to steal national security information, trade secrets,| 
strategie, Deceventes files, money, etc., or to tage or create havoc. |. 
MOON DOG: A hacker who consistently works at night. | 
MOON PHASE: A seldom and apparent random event. 
MUNG: To Hoste or make irreversible changes in a program or re-, 
cording medium, usually accidental. | 












































































MUTANT: Created by a body snatcher, it closely resembles another 
file except for a few critical changes. 

ORK or NET: A set of computers, usually scattered over the 

nation or internationally, that are hooked-up to each other thru one or 

more common Foares, to communicate directly with each other. Exam- 


elenet, T +t and Uninet. 
or NODE COMPUTER: A set of computers used by a service 








lesianed for a specific user application (ex: game, 
wordprocessors, general ledger). KSOS: Kernalized Secure OS. | 

OUTPUT SPY: A program or routine that allows one to see what is 
printed on someone else's CRT or printer. 

PASSWORD: A word, phrase or combination of chars. that must be 
correctly enterred into the sgt oe for the computer to allow access 
to programs and-or data in it. Used to ID or authenticate a user, specif- 
ic resource or access mode. Used herein in the generalized sense to 
also mean PIN and access code. Most computer security schemes rely 
upon more than one password i2 protect the system. There are basical- 
ly two types of passwords: 

(1) Access Passwords: Passwords which level of access is dictated 
by assigned Protection Levels or Attributes. 

2 e Passwords: Passwords which permit the user "Total Privil- 
ege" in the system. "Total Privilege" permits the user to execute, read, 
write, rename and erase files. 

PATCH or ZAP: A software mod., usually oy using a utility (ex. DE-| 
BUG, SUPERZAP).to change tne actual bytes of program or data stored 
on disk, tape or memory. Zaps are used to implant trojan horses, and 
well as to make legitimate changes. 

PAYMENT: Refers to a payroll, dividend, interest, commission, loan, 
rent, installment, account deposit, annuity, pension, disability, welfare, 
unemployment compensation, insurance, cial Security, VA, etc. 
‘payment, : 

PENETRATATION: The successful, repeated and unauthorized ex- 
traction, use and-or modification of files. 

PERPETRATOR: Refers to one who perpetrates an action or crime. 

PIRACY: The theft of proprietary software or files. Many computer 
programmers now use sophisticated protection schemes, both hardware 
and software in nature, to protect their software from unauthorized dup- 
lication. These techniques, however, are overcome by computer whizzes 
just about as fast as new methods appear, and they prevent authorized 
users from making needed backups in case the original program is 
destroyed. 

The piracy of data from financial and 
ly thwarted * the use of passwords, cip! 
and dedicated lines. 
increasing. 

PIN or PERSONAL ID: Personal ID Number. A number that personal- 
Hi ly identifies you to a computer. For example, the account number iden- 
i] tifies a certain account. The PIN identifies you as a person authorized| 
to access that account, or the person described in that file. Also known}! 
as a password. | 

-P OM: (1) A program bug, trojan horse, logic bomb, etc., that 
cannot be ferreted out. (2) A computer phreak who can strike at will 
with impunity. 





vernment data banks is large- 
rs, authentication procedures 
Still, the piracy of data is widespread and 


number). 


verify and debit the cost of purcnases. 
* PPN: A combination of a PIN and a project number. . 


try that it would normally reject. 
PROTECTION LEVELS or ATTRIBUTES: 
signed Protection Levels. (1) Execute: Only permits the user to exe-| 
cute a program, but not to read a data file. (2) Read: Permits the user 
to execute, AND to read data files. (3) Write: Permits the user to exe- 
cute, read files, AND to write io data files. Rename: Permits the 
user to execute, read, write, AND to-rename files. (5) Kill, Erase or To- 
tal Privilege: Permits the user to execute, read, write and rename 
files, AND to kill (erase) files: 

Protection Levels are important because they allow you to assign 
access capability based upon the need of the user. For example, if a 
ie oh clerk needs oy to verify that an order was placed, he should 
not have the power to kill customer data files. 

PROTOCOL: A set of rules, configurations and procedures used so 
that two devices can communicate with each other. 

PUBLIC KEY SYSTEMS: (See section on this topic). 

QUE: (1) To line up for a turn at something. (2) "?". 

RAPE: To violently, maliciously and-or viciously damage or destroy 


a ea. data, Poe R. etc. 
EAL’ WORLD: Routine, standard, run-of-the-mill, uninspiring 
Ii, computering. | 








POP OFF: To obtain a juicy piece of info. (ex: password, credit card | 
POS: Point of Sale terminal An ATM device used in stores to enter, | 


PUSH ON: Getting a computer, program or routine to accept an en- | 


Access Passwords are as-| 






















SACRED: °A file o 
forbidden to you. ; 
SALAMI TECHNIQUE: A‘ form of computer crime in which round-off 






r hardware that is partly or totally unavailable or 


Lil] or other small amounts are diverted to a special account, which may or} [i], 


may not reduce the original accounts. See Breakage. Hl | 
ANITIZE: To delete sensitive material from a data file or to modi-| ji] 
fy it to amore innocuous form prior to general release. 

SCAVENGE or GARBAGE PICKING: (Tf To go thru trash to find and| } 
filter out important system information. (2) To go thru buffer memory} | 
or recycled diskettes, tape, etc. to pick out usable data or system| | 
information. ' 

SCRAMBLER: A device which electronically scrambles data, usually |" 
sf frequency inversion,. frequency hopping, bandsplitting, or time-divi- 
sio 


: Ty wv 


A password used to access a computer, program 
or restricted area. 


SERVICE: A computerized service, such as The Source, CompuServe, 
Delphi and Dow foe. ; 
HHAKE or LOSE: To Shoke or Lose is to evade detection. 

SIGN ON: Usually a few chars. required to sign onto a BBS (ex: “@N"), 

SILENT ALARM: A computer systemrprotection scheme that detects 
efforts to penetrate a computer system - particularly trial-ond-error 
type efforts. ae at least three sign-on attempts cre permitted be- 
fore a Silent Alarm is activated. Unknown to the-offender, the program 
enters a silent trap or interrupt routine, and a system alarm is activat- 
ed. System ond security personnel, Ma Bell security, and-or law en- 
forcement personnel are’ then: notified, usually but not always immedi=- 
ately. Also, "entrapment" procedures are activated to determine who 
the offender is, and to record all that transpires. These usually consist 
of a phone trace and-or a "game" in which the violator is roped into 
playing. The game cleverly probes the perpetrator for his ID and ad- 
dress. Of course, the alarm is not detectable by the violator. The Mil- 
waukee 414 group was caught largely due to info. derived from a Silent 
Alem pare n a California bank they penetrated. 

SLURP: (1) To read a large data file into main memory prior to pro- 
cessing it. To remove or copy a large quantity of data in one sitting 
or over a short period. 4 

SMOE: Surreptitious Methods of Entry. The art of penetrating a com- 
puter system without leaving a clue or evidenc®. . 

SNARF: To slurp pepsly or without authorization. 

SSN: Social Security Number. By far, the most commonly used PIN. 

SOLO ARTIST: A phreak who works by himself. 

SPOOF: To deliberately induce a person, program or system to take 
an incorrect action. 

AP or WIRETAP: An unauthorized monitoring circuit directly con- 
nected to a computer's commo line. 

TARGET: A person targeted by the computer crime. The target 
may be a customer, client, patron, vendor, contractor, employee, em- 
ployer, pensioner, stockholder, taxpayer, salesman, patient, welfare re- 
cipient, disability recipient, etc. sually Target refers to the victim, 
but not always. Depending upon use, it may refer to an accomplice, or 
refer to one who neither gains nor loses by the crime but whose partici- 
pation is required (unwitting accomplice). 

TEMPEST: A Government program and set of standards used to re- 
duce electromagnetic and audio eavesdropping of computer equipment 
one lines 









































and their R ‘ 

TH H: To violently or wildly move without accomplishing any- 
thing useful. 

THREADING: 


(1) The chaining of routines, programs, procedures or 
hardware together to obtain a certain result that is not obvious from ex- 
amining the individual parts. (2) The collection and combining of appar- 
ently harmless and unrelated bits of data or info. to reveal vital securi- 
ty information. 

E IT: A phreak who steals computer time to run his own 
software. 

TOGGLE: A bit, set of bits or variable that has one of two or more 
values. The program branches according to which valve is chosen. For 
example, "ON J GOTO 200,300" is a Toggle. To Toggle is to change 
such a value. 

TRANSACTION: (1) The transfer of money between accounts or be- 
tween an account and a person. (2) Adding and deleting a data file, or 
changing a data file, usually relating to pouratise 9 

T OR: An entry point into a protected computer, OS, utility, 
or applications program, that bypasses the normal security measures 
used to protect it. Trapdoors may be software or hardware. Trapdoors 
are often installed by programmers to ease the development and trouble-; 
shooting of programs and systems, or to assure access to them no matter! 
who has them or how they are used. In WAR GAMES, it was the place-| 
ment of an easily-guessed Trapdoor (“Joshua" - the developer's son's| 
name was the Trapdoor password) that permitted easy penetration. } 

TRIGGER: A Trigger is an earmark or set of event used to activate 
a logic bomb or trojan horse. } 

OJAN HORSE: A software routine (or hardware) which is insidious-| 
ly implanted in a program or routine to perform actions unrelated or| 
contrary to the original program's intent, particularly in subverting se-| 
curity. It may disclose sensitive data either by hiding it in a file or oth- 
er form of storage to be accessed later, or it may transmit the data to 
an unauthorized user. When a certain combination of events occur, the 
Trojan Horse routine takes over. Examples of Troian Horses are fogic 
‘bombs and godfathers. BEWARE OF PHREAKS BEARING GIFTS! | 

VERIFY: To prove that a routine, program, procedure or hardware 
accomplishes the exactly intended purposes in its operational security 
environment. 

WEDGE: (1) To be in a stuck or inextricably situated. (2) An unauth- 
orized routine or part that cannot be removed without causing other or 








— mage. 

HEEL: A "privilege" bit that, when set, allows one to have great 
privilege within a system. 

ZOMBIE: A program controlled by a godfather. 

















; form, fr 


¥ jron, nickel, cobalt). 


sign construction and use completely 


§ sery or playground 
y ture - were built with materials that have radioac~ 

“es minerals in them, and-or emit radioactive 
® radon 
R checked for radioactivity! The pho we! Juarez, Mexi- 


§ sign, construction 


HEAL THYSELF Il 


In 1980, PRIME TIME SATURDAY (NBC red, 
"POWER TO HEAL," describing electrical and mag- 
netic devices that accelerate tissue healing, and 
promote good health and growth in plants, animals 
and man. New medical and dental applications are 
being discovered. The FDA approves the clinical 
use of three versions of these near-miraculous heal- 
ing devices. Yet, few know about them. 

Signs, operation, installation and uses com- 
pletely descr: and illustrated - circuit diagrams, 


voltages, currents, frequencies and waveforms. 
How these devices result in healing success rates of 
80% to 90%1. These devices are leased by commer- 
cial manufacturers to fap aa ngeed for $ 

ob esa roe You can 
ea 


:000 each 
uild them for about $50 


iptions of CARDIAC PACEMAK- 
T' EFIBRIL> 


RESTORERS, BODY FUN 


CONTROLLERS, 
and TISSUE REGENERATORS; detailed descrip- 


k tion of osteogenesis; how electromagnetic heal- 
> ing works. Extra sections ont“@ Natural body elec- 
R tricity. 


@ Wound healing. @MEG devices. 
@ Magnetic Necklace. @ Orthodontical devices. @ 
Mind control and automatic learning. ONLY $9 


{ELECTROMAGNETIC BRAINBLASTER 


The aat 31, 1985 JACK ANDERSON column, the 
Feb. 1985 OMNI ("THE MIND FIELDS"), etc. des- 
cribe the type of device we develo, 
sive offshoot to our popular 
research. 

We discovered that, if you use certain electro- 
Hee, tao configurations, waveforms and intensities, 
healing results. At other particular configurations, 
waveforms and intensities a powerful, invisible, sil- 
ent and instantaneous research tool or weapon 
results! 

Complete plans include two major designs, and 
a BASIC program Itsting for calculating all coil par- 
ameters. Incl -brainwaves and EEGs; behavior 
conditioning, mind control, brainwashing and dream- 
scaping; pioniotonicel, chologicial, pesrctginels 
es ede, ical and histological effects of the 

RAINBLASTER; brain anatomy and physiology; 
positive stimulations (calming, healing, pleasure 
centers, arousal, automatic learning, biofeedback, 
etc.); stimulation techniques; es for wave- 

» modulation, duty cycle and other 
factors; biological electrical /magnetic properties; 
etc. Dozens of photos and illustrations. ONLY $25 


THE “GOLDFINGER” 


Finally, a metal detector that-detects GOLD, SIL- 
VER, PLATINUM, COPPER and ALUMINUM ob- 
bac and minerals, while rejecting all ferromagnet- 
¢ objects (ex: rusty nails, bottle caps, car parts 
and other useless iron junk)! Virtually NO commer- 
cial metal detector can distinguish coins, jewelry 
and precious treasures, artifacts and ores because 
they are either designed to detect all metals with- 
out distinction or only ferromagnetic metals (ex: 


( Pie ae Ga “= onl Boos ioe kl = 
‘and supporting parts, wered from one 9-volt 
radio tottery.” Kir parts cost about $40, and are 


as an exten- 
THYSELF 


5 commonly available or easily made. Detection in 
soil is possible to greater than one foot. 


The "GOLDFINGER"'s fascinating principles, de- 
jescribed 
trated. O 


Y $9 
THE ‘‘SILKWOOD”’ 


The *"SILKWOOD" - detects X--and Gamma-Rays, 
and Alpha and Beta Particles. Radiation causes 


g cancer, birth defects, mental retardation, sterility, 
*SILKW: 


cataracts, etc. The 

over other radiation detectors: 
@ NO GEIGER-MUELLER COUNTER TUBE IS 

USEDII A commonly available, 25-cent electronic 

part is used as the receptor - $5%+ linear from 10 


HIGH VOLTAGE IS REQUIREDI!I Can be 


OOD"'s advantages 


5 rads/min. to 1,000 rads/min.|! 


@ NO 


B safely and easily operated from two 9-volt radio 
g batteries. 


@ DESIGN IS SIMPLE!I! Only two ICs are used 
(same type). All parts cost about $30, and are com- 
monly available or easily made. Pocket-size. 


§ Quiescent current is about 5 mA. 


Have you been SILKWOODED in your job? Is 
your home radiating? Your children's school, nur- 
Many structures - even furni- 


as. Most basic building materials are never 


co radiation disaster contaminated 40 states - not 


g all uses have been found and removed! 


The "SILKWOOD" can mean life or quick death 


§ should ‘nuclear war ever result. YOU must be able 
R to positively determine what places are safe to ft 


and what items are safe to consume! -‘ASS| 


b YOUR OWN SURVIVALII 


The "SILKWOOD"'s fascinating oe eee de- 
use are completely describ- 
and illustrated. ONLY $7 ; 


VORTEX. GENERATOR 


Cool or heat with a simple three-port device. One 
port is used for ambient air input. The second port 
discharges air colder than -50 deg. F; the third dis- 
charges air hotter than +130 deg. F! NO MOVING 
PARTS! NO FOSSIL FUEL OR ELECTRICITY RE- 
rage oe NO LIQUIDS OR FREON USEDII Incredi- 
ble, Seigmers. exciting, and little understood 

inciple completely described and _ illustrated 
fwith photos). mls design. Guaranteed scientifi- 


cally sound! ONLY $7 
HEAT X=CHANGER 


TIRED OF BEING RIPPED-OFF BY THE ASTRO- 
NOMICAL PRICES OF NATURAL PROP, 
HOME HEATING OIL, WOOD AND AL? 3 
to 80% of the heat energy produced by fossil fuels 
oer up the flues of your furnace, stove, hot water 
ater, and fireplace. Describes and illustrates 
the design, construction and installation of three 
flue heat exchanger types that fit virtually every 
flue, to:'recover most, if not almost all, of the hea‘ 
you are now wasting and paying for. Contains.ener- 
gy capturing design innovations not found in com- 
mercial heat exc! ers. Very effective ere 
$$$$ HUN- 


Bits WREST oc 
TV DECODERS AND CONVERTEFS 


TV DECODERS AND CONVERTERS describe and | 


illustrate in complete detail the construction of 
several do-it-yourself TV decoders, converters, 
and related devices « for all major cable TV systems, 
and for direct reception applications. It also lists 
sources for parts and subassemblies, including our 
candid recommendations. Fascinating principles. 
Save $$$$$1 ONLY $7 


TELEPHONE RECORDER INTERFACE 


CONSUMERTRONICS CO. DID IT AGAINII -.IN 
VENTED A_ TELEPHONE RECORDER .INTER- 
FACE, WITH CRITICAL FEATURES NOT FOUND 
IN COMMERCIAL MODELS: 

@ Ultra-high — impedance (30 Meg. ohm). 
The‘ TELECORDER neither can be electronicall 
detected nor high-voltage destroyed! Virtually 
commercially sold telephone interfaces ‘(including 
Radfo Shack's, #43-236, $251!) interfaces the 
phone lines and the recorder with a simple RC net- 
‘work with about a 20K ohm AC input impedance 
that can be detected and destroyed by a rank 
amateur! a a, 

@ Simple design and construction (parts .cost 
about $50), yet produces high quality separ 

@ On-Line monitoring capabilities - YOU im- 
mediately know when an infinity bug or extension 
phone is used 7 the tape recorder automatically 
turns ON whenever an infinity bug activates or a 
phone extension is lifted. Unlike all known commer- 
cial models, the TELECORD uses a solid 
state timer that continues the recording after 
—- for as long as 30 seconds, to ferret out 
modern bugs that do not s the hookswitches. 

@ Built-in RF transmitter to transmit the re- 
corded conversation to a nearby FM radio (on an 
unused ha ay 

@ SHRIEK CUIT! Simply by momentaril 
ressing a button, a powerful, cis ei shrie! 
$ sent down the phone line, resulting in a painful 
hearing loss to anyone making obscene or harass- 
ing phone calls. NO LONGER MUST YOU TOLER- 
ATE THE INDIGNITY AND INSULT OF OBSCENE 
AND HARASSING PHONE CALLS!! Can also be us- 
ed to ferret out unwanted bugs and taps; as a mess- 
age encoding or s ing device; to trigger an in- 
finity or harmonic bug; in electronic detonator ap- 
plications; in remote control applications; as a pow- 
er source in electrical self-healing and-or "Brain- 
blaster" ications (see HEAL THYSELF If and 
ELECTROMAGNETIC BRAINBLASTER); in other 


non-phone applications. 3 
The TELECORDER Is completely described and 
illustrated. Special sections describe. basic tele- 


phony, legalities, infinity bugs, how to prevent 
phone’ eavesdropping, and types of phone ade and 
taps and how to detect them. ONLY $9 : 


THE TESLA CONNECTION 


DO THE SOVIETS CONTROL GLOBAL WEATHER 
USING 


CAN THE 

CANOES? While we groaned under the coldest win- 
ter since colonial times (winter of '76 = '77), the 
Soviets 'suffered' an extended growing season and 
bumper crop. Since 1976, many gross and unex- 
plained weather anomalies have occurred. And 
earthquakes and volcanoes are becoming increas- 
ingly active. Recent massive flooding was blamed 
on small changes in a minor air stream (‘El Nino’) - 
now believed to be Soviet-controlled! 

- We have considerable factual evidence to prove 
that the Soviet Union controls global climate, as 
well as earthquakes and volcanoes - using the prin- 
ciples of Nikola Tesla! Publication includes verba- 
tim responses from nationally known weather 
experts. ONLY $7 





KW-HR METERS 


KW-HR METERS describes in vivid detail: How ¢ 
KW-HR (electric power): Meters work; how and 
when they are calibrated; their many error modes; 
why they are usually in error (often more than 10%); 
inions of the National Bureau of Standards (NBS); § 
historical developments; the ANSI C-12 Standard; 
results from our extensive and exhaustive meter 
research and testing; and customer contributions 
over the years for this and our many other energy ¢ 
presage Also includes Demand Meters, Pole 
bea Polyphase Meters, meter creep, overload 
1» CTC. ‘ 
KW-HR METERS is the most detailed, compre- 
hensive, frank and utility-unbiased source:availa- 
ble on residential and commercial electric meter- 
ing with information found nowhere else! Dozens 
of illustrations. ONLY $12 


HIGH VOLTAGE DEVICES 


High voltage circuitry is used in many critical ap-. 
plications, of which we cover: } q 
J INS: $ Guns, Tasers, Prods, Canes, ¢ 
Batons, Umbrellas, Palm ge akg ; 
@ RADIO JAMMERS: Radio Jammers (AM, FM, 
TV, 2-meter, etc.) : 
@ FLASH DEVICES: - Flash Stun Guns, Photo-§ 
So hg the "Flashblaster," Strobes, Warning 4 
ights. K 
@ SCIENCE PROJECTS: Jacob's Ladders, Plas-% 
ma Machines, Van de Graaff Generators. , 
@ MISCELLANEOUS DEVICES: Geiger Coun-% 
ters, Fence and Perimeter Chargers, Ozone Gener- ¢ 
ators (purifiers), Fish Stunners, Bug as, Ro-§ 
dent (or Small-Game) Zappers, Plant Stimulators. 


HIGH VOLTAGE DEVICES has dozens of schemat-% 
ics, other illustrations and tables. Circuits using 
TV coc (Tesla coil), auto ignition, and trigger J 
transformers are emphasized. Has many money 
and time-saving tips, and parts pr peaks (Parts § 
are commonly available - we don't sell parts or kits.) k 
A few other publishers sell high voltage plans 
on individual devices and applications. We provide 
all of their limited information - plus much more - 
for less than 20% what it would cost you to buy all 
of their plans! And our plans have powerful innova- ¢ 
tions not found in other plans, kits or commercial % 
models! For example, our DOUBLE WHAMMY: and @ 
TIGER PAWS stun guns have 10 times the stopping ¢ 
power of what can be re sold as a stun gun! “ 
HIGH VOLTAGE DEVI is the ultimate set of 
plans on high voltage devices of all kinds and types. 
Comprehensive, exhaustive. ONLY $15 . 


TECHNICAL RESEARCH SERVICES 


TIME COSTS MONEY! Manually researching, 
through tons of books and files is very time-consum= 
ing and hit-and-miss. No matter how sharp you 
are, no one has a monopoly on knpuleders experi- 
ence, intelligence, creativity and insight! No one 
can keep up with all the electronic advances! 
There is almost always a better design, technique § 
or idea. Even a small circuit improvement can § 
save countless hours and dollars! 

ELECTRONIC DESIGNERS - ATTENTIONI! 
We have 25,700 (and growing) modern electronic 
st articles to help you in your educational 
R&D efforts. These articles vary in length from 
1/4 page to a dozen pages, and in scope from a 
'One-Transistor-Chirper' to ‘Build-Your-Own- 
Computer,' and are derived from dozens of differ- 
ent sources. Includes ny Ore of circuit - DIGI- 
TAL, ANALOG, HYBRID, ICROPROCESSOR. 
Includes many nomographs, tutorials and design- 
related software. : 

Our on-line data files are totall: 


and comprehensive data files to assist in our own 
R&D educational efforts - they are invaluable, and 
have saved us hundreds of hours. 

Circuits are indexed according to descriptively- 
modified titles. . Keyword/phrase searches are 
made _ for fe ad 10 keywords/phrases (ANDed or ¥ 
ORed) simultaneously! _ Here's how to avail our ¢ 
TECHNICAL RES CH SERVICES: ; 

@ Send us a list of keywords/phrases that hee 
want researched. Please specify which are AN 
together, else searches will be made on an ORed § 
basis (ie. each keyword/phrase sought separately). ¢ 

@ We will send you a computer printout that 
lists all of our descriptively-modified titles that fit 2 
your keywords/phrases. You then select those ¢ 
titles that you want a copy of the full article for. — 

@ FEES: All fees are non-refundable and a 
in advance. $25 for each search effort, 1-10 key- 
words/phrases. $1 extra for each keyword/phrase § 
above fo. The first 100 found titles in the list are ¢ 
at no additional cost. 10 cents extra per title for % 
each found title in excess of the first 100, $10 ex- ¢ 
tra maximum. $1 for each article that you select 
from the list for copying, $10 minimum. 

WHEN ORDERING INICAL RESEARCH 
SERVICES, PLEASE PROVIDE US YOUR KEY-¢ 
WORDS/PHRASES SO THAT WE MAY BEGIN OUR § 
SEARCH RIGHT AWAY. : 




















! REFERENCES 


For more information of PUBLIC KEY systems, refer to: | 
q BYTE, "PUBLIC KEY CRYPTOGRAPHY," Jan. 1983, P. 198. | 
2) SCIENTIFIC AMERICAN, "THE MATHEMATICS OF PUBLIC) 
KEY CRYPTOGRAPHY," Vol. 241, No. 16 (Aug. 1979), P. 146. j 
reer 80 MICRO, "SECRET CIPHERS," Mar. 1983, P: 208.-— - ; 
4) CRYPTOGRAPHY AND DATA_ SECURITY, Dorothy} 
Denning, Addison-Wesley, 1982. } 
5) CRYPTOGRAPHY: A NEW DIMENSION IN COMPUTER) 
DATA SECURITY, Carl H. Meyer, Stephen M. Matyas, John Wiley, 


1982. 
isnt? CRYPTOGRAPHY - A PRIMER, Alan Konheim, John Wiley, 


ya « | 

Other excellent references on computer crime and security: | 

1 . B'S JOURNAL, "THE CRYPTOGRAPHER'S | 

OX," May 1986, P. 58. 

2) DR. B'S JOURNAL, “AN INFINITE KEY ENCRYPTION 

" Aug. 1984, P. 44. 

ey 80) Ml O, "THE MAGIC MATRIX CRYPTOLOGY," April 

(4) CREATIVE COMPUTING, May '1983. These articles:\ 


e "BASIC CRYPTOGRAPHY," P. 178. 





"THE SECRET CODE MACHINE," P, 166. 

“ (C) "COMPUTERS AGAINST CRIME," P. 156. 

\_. (0) "THE TRAPDOOR ALGORITHM," P. 189. 

M (9) THE HACKER'S HANDBOOK, Hugo Cornwall, E. Arthur 
rown, : 

a 46) Bia HACKER'S DICTIONARY, Guy L. Steele, et al, Harper & 
Qw fe 

“9 CRIME BY COMPUTER, Don B. Parker, Scribner's Sons, 


: 8} CIPHERSYSTEMS, Henry Beker, Wiley, 1982. 
49) COMPUTER CRIME, August Bequai, Lexington Books, 1978. 
“(10) COMPUTER FRAUD AND COUNTERMEASURES, Leonard 





Krauss and Aileen MacGahan, Prentice-Hall, 1979. 
RE COMPUTER CAPERS, Thorgas Whiteside, Crowell, 1979. 
ees FIGHTING COMPUTER CRIME, Donn B. Parker, Schribner, 


(13) ELEMENTERY CRYPTANALYSIS, Vol. 22, Abraham Sink- 
ov, Math. Assoc. of America, 1966. 
(14) CRYPTANALYSIS FOR MICROCOMPUTERS, Caxton C. 


Faster, So ig 1982. 
(15) T David Kahn, Weidenfeld & 


CODEBREAKERS, 
Nicolson, 1974. 
(16) PRINCIPLES OF SECURE COMMUNICATIONS SYSTEMS, 
Don J. Torrieri, Artech House, 1985. 

CRYPTOGRAPHY AND MODERN CRYPT. 
yen YSIS, Cipher A. Deavours and Louis Kruh, Artech House, 


COMPUTER PHREAKING IT 


COMPUTER NETWORK VULNERABILITIES 


(18) CRYPTOLOGIA, Quarterly Journal of Rose-Hulman Insti 
tute of Technol: Terre Haute, IK. ! 
is (1 9) THE COMPUTER UNDERGROUND, M. Harry, Loompanics § 

nlimite: 5 " 

A20 COMPUTER AND COMMUNICATIONS SECURITY AND 

| 


PRIVACY, Congressional Report, Committee on Science and Tech- 


- notogy, 1984.° — 


(21) COMPUTER SECURITY: AN OVERVIEW OF NATIONAL 
CONCERNS AND CHALLENGES, Feb. 1983, Congressional Re-| § 
search Services, Library of Congress. 

(22) ELECTRONIC SURVEILLANCE AND CIVIL LIBERTIES, Of- 
fice of Technology Assessment, U.S. Congress, 1985. 


The premier cryptographic advocational cogemication in America is 
the AMERICAN CRY! TOGRAM ASSOCIATION, 39 Roslyn Ave.,' 
Hudson, OH 44236, which publishes THE CRYPTOGRAM. For mem- 
bership information, write, Treasurer - ACA, 12317 Dale Wood Dr.,, 
Wheaton, MD 20902. We also highly recommend the NEW YORK 
CIPHER SOCIETY, 17 Alfred Rd. W., Merrick, NY 11566 (if you 
live in ys Courses in cryptology are given at Cc 
OF NEW SEY, Union, NJ 07083. 


- FROM) Consumertronics Co.| 


CONSUMERTRONICS PUBLICATIONS: CONSUMERTRONICS CO.) 
is heavily into computer technologies. See our ads in the rear poges. 
Our other two populor computer security publications (both include) 
software) are: ABSOLUT COMPUTER SECURITY (includes our] § 
1,000 CONTEST), and CRYPTANALYSIS TECHNIQUES: 


Consumertronics Co. 
2011 CRESCENT DR., P. ©. DRAWER 537, ° 
ALAMOGORDO, NM 88310 


PHONE PHREAKING: 
CONSUMERTRONICS CO. also publishes PHO 
($15) - the singularly most comprehensive compendium of the most! 
up-to-date available schematics and plans for RED, BLUE, BLACK, | 

RAY, SILVER, YELLOW, GREEN, BROWN, PURPLE, WHITE, | 
BEIGE, S&M, CLEAR, CHEESE, CF and MUTE boxes. It also con-| 
tains BASIC listings of software to moke computers emulate phone) 
boxes, as well as sophisticated gonelabes as briefly shown on MIAMI) 
VICE and other modern ‘cops-and-robbers' TV programs. PHONE 
COLOR BOXES is sold for educational purposes only. 


§ 


Phascinated b ers, 33 “gtr ; 


TAP BACK ISSUES: We have every back issue of the uncopyright-| 
ed TAP newsletter - we sell individual copies for $2 each, and’ 
copies of all 92 TAP issues for $150. Cash preferred. Sorry, we) 
have no index of back issues. 





